Top Banner
Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy
44

Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Apr 01, 2015

Download

Documents

Mandy Grays
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Today and Tomorrow 12th Edition

Understanding Computers

Chapter 15:

Computer Security and Privacy

Page 2: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 2

Learning Objectives• Explain why all computer users should be concerned

about computer security.

• List some risks associated with hardware loss, damage, and system failure, and understand ways to safeguard a PC against these risks.

• Define software piracy and digital counterfeiting and explain how they may be prevented.

• Explain what information privacy is and why computer users should be concerned about it.

Page 3: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 3

Learning Objectives• Describe some privacy concerns regarding databases,

electronic profiling, spam, and telemarketing, and identify ways individuals can protect their privacy.

• Discuss several types of electronic surveillance and monitoring and list ways individuals can protect their privacy.

• Discuss the status of security and privacy legislation.

Page 4: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 4

Overview• This chapter covers:

– Why computer security is important

– Security concerns related to hardware loss and damage and precautions that can be taken

– A discussion of software piracy and digital counterfeiting and steps to reduce the occurrence of them

– Why information privacy is important

– Possible risks for personal privacy violations and precautions to safeguard one’s privacy

– Discussion of legislation related to computer security and privacy

Page 5: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 5

Why Be Concerned About Computer Security?

• There are a number of security concerns related to computers that users should be aware of, including:

– Having a PC stolen

– Losing important data

– Losing contact lists

– Pirated or counterfeited products

Page 6: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 6

Hardware Loss, Damage, and System Failure

• Hardware loss: Can occur when a portable PC, USB flash drive, mobile device, or other piece of hardware is stolen or lost by the owner

• Hardware theft: One of the most obvious types of hardware loss

– Occurs when hardware is stolen from an individual or an organization

– Hardware can be stolen from homes, businesses, cars, airports, hotels, etc.

– Often for the value of the hardware, but increasingly for the information that might be contained on the hardware

• C level attacks are growing

Page 7: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 7

Hardware Loss, Damage, and System Failure

• Hardware damage: Can be accidental or intentional• System failure: The complete malfunction of a

computer system– Can be due to a hardware problem, software

problem, or computer virus– Can be due to a natural disaster or planned attack

Page 8: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 8

Protecting Against Hardware Loss, Damage, and System Failure

• Use door and computer equipment locks

– Cable locks

– Security slots

Page 9: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 9

Protecting Against Hardware Loss, Damage, and System Failure

• Use encryption to protect data

– Increasingly used with USB flash drives, notebook PCs, hard drives, etc.

– Full disk encryption (FDE): Everything on storage medium is encrypted

– Self-encrypting hard drive: A hard drive using FDE

Page 10: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 10

Protecting Against Hardware Loss, Damage, and System Failure

• Computer tracking software: Used to find a PC after it is lost or stolen

– Sends out identifying data via the Internet

– Law enforcement can use this data to recover the PC

– Most often used with PCs but also available for other devices

– Kill switch: Software used to destroy sensitive data on a stolen or lost PC

• Other precautions:

– Alarm software, tamper evident labels, etc.

– Common sense

Page 11: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 11

Protecting Against Hardware Loss, Damage, and System Failure

Page 12: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 12

Protecting Against Hardware Loss, Damage, and System Failure

• Proper hardware care: Needed to prevent damage

– Ruggedized PCs: Designed for more abuse than conventional hardware

Page 13: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 13

Protecting Against Hardware Loss, Damage, and System Failure

– Surge suppressor: Protects hardware from damage due to electrical fluctuations

– Uninterruptible power supply (UPS): Provides continuous power to a computer system for a period of time after the power goes off

Page 14: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 14

Protecting Against Hardware Loss, Damage, and System Failure

– Also:

• Watch dust, moisture, static, heat, etc.

• Avoid head crash

• Stop USB devices before removing

• Use screen protectors, jewel cases, etc.

Page 15: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 15

Protecting Against Hardware Loss, Damage, and System Failure

• Backup and disaster recovery plans: – Both businesses and individuals should use

appropriate backup procedures– Continuous data protection (CDP): Enables data

backups to be made on a continual basis– Backup media needs to be secured

• Data storage companies store backup media at secure remote locations

• Online backup is another possibility– Disaster-recovery plan: Spells out what an

organization will do to prepare for and recover from a disruptive event

• Hot sites

Page 16: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 16

Software Piracy and Digital Counterfeiting

• Software piracy: Unauthorized copying of a computer program– Widespread, global problem– Occurs when:

• Individuals make illegal copies of software to give to friends

• Businesses or individuals install software on more than the number of computers allowed according to the end-user license agreement (EULA)

• Sellers install unlicensed copies on PCs sold to consumers

• Large-scale operations in which programs and packaging are illegally duplicated and sold as supposedly legitimate products

Page 17: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 17

Software Piracy and Digital Counterfeiting

Page 18: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 18

Software Piracy and Digital Counterfeiting

• Digital counterfeiting: The use of computers to make illegal copies of currency, checks, collectibles, and other items

– Often scanned and printed or color-copied

Page 19: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 19

Protection Against Software Piracy and Digital Counterfeiting

• Protection against software piracy:

– Educating businesses and consumers

– Strengthening antipiracy laws

– Holograms: Printed text or images attached to a product that change their appearance when the product is tilted

– Mandatory product registration/activation

– Watching online auction sites/lawsuits

Page 20: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 20

Protection Against Software Piracy and Digital Counterfeiting

• Protecting against digital counterfeiting

– New currency designs

• Microprinting, watermarks, security thread, etc.

• Special paper is used with U.S. currency

– Identifying technology included in digital imaging hardware

– Digital watermarks: Subtle alteration to a digital item that is not noticeable but that can be retrieved to identify the owner of the item

– Also can use:

• Holograms, RFID tags, and other hard-to-reproduce content

Page 21: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 21

Protection Against Software Piracy and Digital Counterfeiting

Page 22: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 22

Why Be Concerned AboutInformation Privacy?

• Privacy: State of being concealed or free from unauthorized intrusion

• Information privacy: Rights of individuals and companies to control how information about them is collected and used

• Computers add additional privacy challenges– Many data breaches recently due to lost or stolen

hardware, carelessness with documents containing sensitive data, database breaches, etc.

• Businesses need to be concerned with the expense, damage to reputation, and possible lawsuits

• Web activity and e-mail privacy was discussed in Chapter 8; other privacy concerns are discussed next

Page 23: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 23

Databases, Electronic Profiling, Spam, and Other Marketing Activities

• Marketing database: Collection of data about people, used for marketing purposes

– Data obtained through online and offline purchases, public information, etc.

– Beginning to be used in conjunction with Web activities

• Government database: Collection of data about people, collected and maintained by the government

– Tax information, Social Security earnings, personal health records, marriage and divorce information

– Some information is confidential, other is public

Page 24: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 24

Databases, Electronic Profiling, Spam, and Other Marketing Activities

Page 25: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 25

Databases, Electronic Profiling, Spam, and Other Marketing Activities

• Electronic profiling

– Using electronic means to collect a variety of in-depth information about an individual

Page 26: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 26

Databases, Electronic Profiling, Spam, and Other Marketing Activities

• Privacy policy: Discloses how information you provide will be used

– Included on many Web sites

Page 27: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 27

Spam and Other Marketing Activities

• Spam: Unsolicited, bulk e-mail sent over the Internet– Often involves health-related products, fraudulent

business opportunities, pornography, etc.– Ads from companies a person has done business

with are also considered to be spam by many– Appearing via instant messaging (spim)– Also delivered via mobile

phones and fax machines– Spam legislation enacted

some regulations regarding spam

• Other annoyances– Pop-up ads– Pop-under ads– Telemarketing

Page 28: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 28

Protecting the Privacy of Personal Information

• Safeguard your e-mail address

– Use a throw-away e-mail address (an extra e-mail address that you can use for activities that might result in spam)

• Get a second e-mail address from your ISP or from Hotmail, Yahoo! Mail, or Gmail

• Can stop using it and get a new one when needed

Page 29: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 29

Protecting the Privacy of Personal Information

• Be cautious of revealing personal information

– Read a Web site’s privacy policy

– Can use privacy software, such as the free Privacy Bird program

– Do not supply personal information to people in chat rooms

Page 30: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 30

Protecting the Privacy of Personal Information

– Avoid putting too many personal details on your Web site

– Be wary of sites offering prizes in exchange for personal information

– Can use an anonymous Web browsing service, such as Anonymizer

– Supply only the required information in registration forms

– Delete your browsing history and e-mail settings when using a public computer

Page 31: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 31

Protecting the Privacy of Personal Information

Page 32: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 32

Protecting the Privacy of Personal Information

• Use an e-mail filter to automatically route possible spam into a special folder to deal with later

Page 33: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 33

Protecting the Privacy of Personal Information

• Can opt out from marketing activities

– Some privacy groups want individuals to have to opt in to activities instead

– Do Not Call Registry: Can reduce calls from telemarketers

– Do Not E-Mail Registry: May be a possibility for the future, but more difficult to implement

• Web servers holding sensitive data should be secured

– Only enter personal information on Web sites using secure servers

– Automatic encryption systems for e-mail can help sensitive data from accidentally being revealed

Page 34: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 34

Protecting the Privacy of Personal Information

• Properly dispose of hardware and outdated data

– Wipe (not just delete) data on hard drives before disposing of a computer or hard drive

– Storage media containing sensitive data should be shredded

– Businesses should have a media sanitation/data destruction policy

Page 35: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 35

Electronic Surveillance and Monitoring

• Computer monitoring software: Used to record an individual’s computer usage either by capturing images of the screen or by recording the actual keystrokes used

– Can be used in homes by adults to monitor computer usage of children or spouse

– Can be used in businesses to monitor employee computer usage

– Keystroke-logging programs: Used to capture keystrokes

• Can be used by hacker to capture usernames, passwords, and other sensitive information entered into a PC

– Used by the government in criminal investigations

Page 36: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 36

Computer Monitoring Software

Page 37: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 37

Electronic Surveillance and Monitoring

• Video surveillance: The use of video cameras to monitor activities of individuals

– Used to monitor employees

– Used in public locations for crime-prevention purposes

• Stores and other businesses

• Public streets

• Subways, airports, etc.

– Can be used with face recognition software

– Privacy issues also involved with the use of camera phones

Page 38: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 38

Video Surveillance

Page 39: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 39

Electronic Surveillance and Monitoring

• Employee monitoring: Observing or reviewing employees’ actions while they are on the job– Can monitor computer usage– Can monitor physical location

• Video cameras• GPS capabilities built into cars or mobile phones• Proximity cards

– Can also be used to access facility, computer, etc.

– Businesses should notifyemployees

Page 40: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 40

Electronic Surveillance and Monitoring

• Presence technology: Enables one computing device to locate and identify the current status of another device on the same network– Instant messaging, mobile phones, etc.– Can be used to locate coworkers or by customers– May also be used

for marketing activities in the future

Page 41: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 41

Protecting Personal andWorkspace Privacy

• Can use antispyware software to detect if someone is monitoring your computer usage

• Employers have a responsibility to keep employee and customer information private and secured

• Employees should be familiar with their company’s employee policy and avoid personal activities at work

Page 42: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 42

Computer Security andPrivacy Legislation

• Difficult for legal system to keep pace with technology

• Difficult to balance freedom of speech with privacy

Page 43: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 43

Computer Security andPrivacy Legislation

Page 44: Today and Tomorrow 12 th Edition Understanding Computers Chapter 15: Computer Security and Privacy.

Chapter 15 Understanding Computers, 12th Edition 44

Summary• Why Be Concerned About Computer Security

• Hardware Loss, Damage, and System Failure

• Software Piracy and Digital Counterfeiting

• Why Be Concerned About Information Privacy

• Databases, Electronic Profiling, Spam, and Other Marketing Activities

• Electronic Surveillance and Monitoring

• Computer Security and Privacy Legislation