Computer Waste unintegrated information
systems, which make it difficult for decisions
makers to collaborate and share information.
Computer-Related Mistakes caused by unclear
expectations coupled with inadequate training
and a lack of feedback
.
PREVENTING COMPUTER-RELATED WASTE AND
MISTAKES organizations must use all resources
wisely.
Establishing Policies and Procedures The first
step to prevent computer-related waste is to
establish policies and procedures regarding
efficient acquisition, use, and disposal of
systems and devices.
Prevention of computer-related mistakes
Data-entry or data-capture errors
Errors in computer programs
Errors in handling files, including formatting a
disk by mistake, copying an old file over a newer
one, and deleting a file by mistake
Mishandling of computer output
Inadequate planning for and control of
equipment malfunctions
Inadequate planning for and control of
environmental difficulties (e.g., electrical and
humidity problems)
Installing computing capacity inadequate for
the level of activity
Failure to provide access to the most current
information by not adding new Web links and
not deleting old links
Preventing computer-related mistakes begins
by identifying the most common types of errors.
Computer usage policies Organizations
establish polices to keep employees from
wasting time.
Implementing Policies and Procedures
Implementing policies and procedures to
minimize waste and mistakes varies according to
the business conducted.
Training is another key aspect of
implementation. Many users are not properly
trained in using applications, and their mistakes
can be very costly.
Computer training helps to ensure acceptance
and implementation of policies and procedures.
Monitoring Policies and Procedures To ensure
that users throughout an organization are
following established procedures, the next step
is to monitor routine practices and take
corrective action if necessary
Reviewing Policies and Procedures The final
step is to review existing policies and
procedures and determine whether they are
adequate
This review and planning allows companies to
take a proactive approach to problem solving,
which can enhance a companys performance,
such as increasing productivity and improving
customer service.
COMPUTER CRIME is less dangerous as a
computer criminal with the right equipment and
know-how can steal large amounts of money
without leaving his or her home.
Internet Crime Computer Center : An alliance
between the White Collar Crime Center and the
Federal Bureau of Investigation that provides a
central site for Internet crime victims to report
and to alert appropriate agencies of crimes
committed.
Computer crime Computer crime is a serious
and growing global concern.
THE COMPUTER AS A TOOL TO COMMIT CRIME
A computer can be used as a tool to gain access
to valuable information and as the means to
steal millions of dollars.
social engineering: Using social skills to get
computer users to provide information that
allows a hacker to access an information system
or its data. a critical computer password has
been talked out of a person.
dumpster diving: Going through the trash of an
organization to find secret or confidential
information, including information needed to
access an information system or its data.
Identity thieves are not above searching an
organizations trash to find confidential
information.
cyberterrorism: The intimidation of government
or civilian population by using information
technology to disable critical national
infrastructures (e.g., energy, transportation,
telecommunications, banking and finance, law
enforcement, and emergency response) to
achieve political, religious, or ideological goals.
Cyberterrorism includes threats or attacks
against a countrys critical infrastructure, such
as the air traffic control system.
cyberterrorist: Someone who intimidates or
coerces a government or organization to
advance his or her political or social objectives
by launching computer-based attacks against
computers, networks, and the information
stored on them.
identify theft: A crime in which an imposter
obtains key pieces of personal identification
information, such as Social Security or drivers
license numbers, to impersonate someone else.
Computer Theft Ploutus malware is designed to
steal money directly from ATM machines.
THE COMPUTER AS A TOOL TO FIGHT CRIME
The computer is also used as a tool to fight
computer crime. Information systems are used
to fight crime in many ways, including helping
recover stolen property, monitoring sex
offenders, and helping to better understand and
diminish crime risks.
Recovery of Stolen Property The LeadsOnline
Web-based service system is one of several
information systems used by law enforcement
to recover stolen property
Monitoring Criminals JusticeXchange is a Web-
based data sharing system that places millions
of nationwide booking records at the fingertips
of law enforcement officials. The system makes
it easy to collaborate with other law
enforcement professionals to locate persons of
interest.
Assessing Crime Risk for a Given Area The
ready availability of personal computers,
coupled with the development of mapping and
analysis software,
Mapping crime risk A GIS helps law
enforcement agencies track and even diminish
crime risks.
THE COMPUTER AS THE OBJECT OF CRIME Each
time system access is illegally obtained, data or
computer equipment is stolen or destroyed, or
software is illegally copied, the computer
becomes the object of crime.
Common methods used to commit computer
crimes
-Add, delete, or change inputs to the computer
system = Delete records of absences from class
in a students school records.
-Modify or develop computer programs that
commit the crime. = Change a banks program
for calculating interest so it deposits rounded
amounts in the criminals account.
-Alter or modify the data files used by the
computer system. = Change a students grade
from C to A
-Operate the computer system in such a way as
to commit computer crime. = Access a restricted
government computer system.
-Offer worthless products for sale over the
Internet = Send emails requesting money for
worthless hair growth product.
Illegal Access and Use Crimes involving illegal
system access and use of computer services are
a concern to both government and business.
hacker: A person who enjoys computer
technology and spends time learning and using
computer systems.
criminal hacker (cracker): A computer-savvy
person who attempts to gain unauthorized or
illegal access to computer systems to steal
passwords, corrupt files and programs, or even
transfer money.
script bunny: A derogatory term for
inexperienced hackers who download programs
called scripts that automate the job of
breaking into computers.
insider: An employee, disgruntled or otherwise,
working solo or in concert with outsiders to
compromise corporate systems.
Insider threats The loss of Malaysia Airlines
Flight 370 may have been an inside crime.
malware: Software programs that when loaded
into a computer system will destroy, interrupt,
or cause errors in processing.
Common types of computer malware
-Logic Bomb = A type of Trojan horse that
executes when specific conditions occur.
Triggers for logic bombs can include a change in
a file by a particular series of keystrokes or at a
specific time or date.
-Rootkit = A set of programs that enables its
user to gain administrator level access to a
computer or network. Once installed, the
attacker can gain full control of the system and
even obscure the presence of the rootkit from
legitimate system administrators.
-Trojan Horse = A malicious program that
disguises itself as a useful application or game
and purposefully does something the user does
not expect
-Variant = A modified version of a virus that is
produced by the viruss author or another
person by amending the original virus code.
-Virus = A malicious program that copies itself
and infects a computer, spreading from one file
to another, and then from one computer to
another when the files are copied or shared.
Most viruses attach themselves to executable
files, but some can target a master boot record,
autorun scripts, or Microsoft Office macros.
-Worm = A malicious program that spreads from
computer to computer, but unlike a virus, it can
spread without any human action. For example,
a worm can send a copy of itself to everyone
listed in your email address book.
spyware: Software that is installed on a
personal computer to intercept or take partial
control of the users interaction with the
computer without the knowledge or permission
of the user.
password sniffer: A small program hidden in a
network or a computer system that records
identification numbers and passwords.
Protecting computers To fight computer crime,
many companies use devices that disable the
disk drive or lock the computer to the desk.
software piracy: The act of unauthorized
copying, downloading, sharing, selling, or
installing of copyrighted software.
digital rights management (DRM): Refers to the
use of any of several technologies to enforce
policies for controlling access to digital media,
such as movies, music, and software.
Patent infringement Apple and Samsung are
involved in a series of patent infringement legal
battles regarding the design of smartphones
and tablet computers.
phishing: A form of computer scam that
attempts to get users to gain access to a
customers private information through a fake
Web site.
vishing: A scam that attempts to steal an
individuals private information by having them
call a phone number and enter personal data.
smishing: A scam that attempts to steal an
individuals private information by having them
respond to a text message.
International Computer Crime Computer crime
becomes more complex when it crosses
borders. Money laundering is the practice of
disguising illegally gained funds so that they
seem legal.
United States Computer Emergency Readiness
Team (US-CERT): Part of the Department of
Homeland Security that leads U.S. efforts to
improve the nations cybersecurity posture,
coordinate cyber information sharing, and
proactively manage cyber risks to the nation.
separation of duties: The careful division of the
tasks and responsibilities associated with a key
process so that they must be performed by
more than one person.
Biometric smartphone Many new biometric ID
systems are being considered for use with
smartphones
intrusion detection system (IDS): Monitors
system and network resources and traffic and
notifies network security personnel when it
senses a possible intrusion.
security dashboard: Software that provides a
comprehensive display on a single computer
screen of all the vital data related to an
organizations security defenses, including
threats, exposures, policy compliance and
incident alerts.
managed security service providers (MSSPs):
Organizations that monitor, manage, and
maintain network security for both hardware
and software for other organizations.
antivirus program: Software that runs in the
background to protect your computer from
dangers lurking on the Internet and other
possible sources of infected files.
Top-rated antivirus software
-For Windows systems = Webroot Secure
Anywhere Antivirus, Norton, Bitdefender,
Kaspersky, AVG, Malwarebytes
-For Mac systems = Kromtech MacKeeper,
Intego Mac Internet Security, Kaspersky Internet
Security for Mac, Norton Antivirus, Avira Free
MacSecurity
Antivirus software should be used and updated
often.
Privacy at Work The right to privacy at work is
also an important issue. Employers are using
technology and corporate policies to manage
worker productivity and protect the use of IS
resources.
Email and work privacy Email has changed how
workers and managers communicate in the
same building or around the world. Email,
however, can be monitored and intercepted. As
with other services, such as cell phones, the
convenience of email must be balanced with
the potential of privacy invasion.
Privacy and Instant Messaging Using instant
messaging (IM) to send and receive messages,
files, and images introduces the same privacy
issues associated with email
Privacy and Personal Sensing Devices RFID
tags, essentially microchips with antenna, are
embedded in many of the products we buy,
from medicine containers, clothing, and books
to computer printers, car keys, and tires.
Privacy and the Internet Some people assume
that there is no privacy on the Internet and that
you use it at your own risk.
Privacy and Internet Libel Concerns Libel
involves publishing an intentionally false written
statement that is damaging to a persons or
organizations reputation.
Corporate Privacy Policies Even though privacy
laws for private organizations are not very
restrictive, most organizations are sensitive to
privacy issues and fairness.
Individual Efforts to Protect Privacy Although
numerous state and federal laws deal with
privacy, the laws do not completely protect
individual privacy.
Fairness Issues
-The right to know
-The ability to decide
Database Storage
-Knowledge
-Control
Database Usage
-Notice
-Consent
Knowledge. Should people know what data is
stored about them? In some cases, people are
informed that information about them is stored
in a corporate database. In others, they do not
know that their personal information is stored
in corporate databases.
Control. Should people be able to correct errors
in corporate database systems? This ability is
possible with most organizations, although it
can be difficult in some cases.
Notice. Should an organization that uses
personal data for a purpose other than the
original purpose notify individuals in advance?
Most companies dont do this.
Consent. If information on people is to be used
for other purposes, should these people be
asked to give their consent before data on them
is used? Many companies do not give people
the ability to decide if such information will be
sold or used for other purposes.
filtering software: Software that screens
Internet content.
Top-rated Internet filters
NetNanny
McAfee Family Protection
PureSight PC
BBB recommends that a privacy notice includes
the following elements:80
Policy (what personal information is being
collected on the site)
Choice (what options the customer has about
how/whether his or her data is collected and
used)
Access (how a customer can see what data
has been collected and change/correct it if
necessary)
Security (state how any data that is collected
is stored/protected)
Redress (what a customer can do if the
privacy policy is not met)
Updates (how policy changes will be
communicated)
Health Concerns Organizations can increase
employee productivity by paying attention to
the health concerns in todays work
environment.
Avoiding Health and Environmental Problems
Two primary causes of computer-related health
problems are a poorly designed work
environment and failure to take regular breaks
to stretch the muscles and rest the eyes
ergonomics: The science of designing machines,
products, and systems to maximize the safety,
comfort, and efficiency of the people who use
them.
Ergonomics Developing certain ergonomically
correct habits can reduce the risk of adverse
health effects when using a computer
The following is a useful checklist to help you
determine if you are properly seated at a
correctly positioned keyboard:81
Your elbows are near your body in an open
angle to allow circulation to the lower arms and
hands
Your arms are nearly perpendicular to the
floor Your wrists are nearly straight
The height of the surface holding your
keyboard and mouse is 1 or 2 inches above your
thighs
 Center the keyboard in front of your body.
The monitor is about one arms length (20 to
26 inches) away
The top of your monitor is at eye level
Your chair has a backrest that supports the
curve of your lower (lumbar) back

code of ethics: A code that states the principles

and core values that are essential to a set of
people and that, therefore, govern these
peoples behavior.

1. contribute to society and human well-being.

2. avoid harm to others.
3. be honest and trustworthy.
4. be fair and take action not to discriminate.
5. honor property rights including copyrights
and patents.
6. give proper credit for intellectual property.
7. respect the privacy of others.
8. honor confidentiality.