Week 10: November 24-28

WEEK'S OBJECTIVE

Digital Security, Personal Security, Information Systems, E-Commerce. Book: Chapter 23

ITC QUIZ 8, due Sunday, November 30.

ITC ASSIGN 8, due Sunday, November 30.

Monday

GAMEPLAN

  • Computer security
  • Internet/Account Security
  • Identity security issues

Image about hacking a computer workflow - nonessential

DISCUSSION

Computer Security
  • Computer security is a form of Information security as applied to computers and networks.
  • Intentional computer security issues exploit a vulnerability in a computer's programming. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.
  • Can apply to unplanned events, like damage to a computer, theft, or disasters.
  • Can affect performance of your computer hardware and peripherals - crashes, rerouted actions due to corrupted code, and loss of data due to corruption of your hard drive (computer viruses like a Trojan Horse).
  • Can affect the performance of software when code is corrupted and/or overwritten by malicious software (Malware, Spyware, Adware, Worm, Scareware, Ransomware).
  • Email can be compromised with Spam that contains viruses upon opening attachments or clicking on graphics.
  • Email can also be used to compromise you with Phishing and other social engineering threats. The intent is to manipulate you into either willingly or unwittingly giving private and personal security information so you can be exploited.
  • Accounts in social networking, including privacy and login information, can be hacked so that your account and even identity can be misused.
  • A denial-of-service attack is an attempt to make a computer resource unavailable to its intended users, like a website or internet service.
  • Web browsers can be breached in several ways, including having the main browser, or plugins, or specific browser components hacked to collect personal information, display pop-up ads, replace the default search engine, and/or install viruses.
  • Handy Infographic on internet security. (NerdGraphics)
Protecting your computers
  • Use virus protection and a firewall.
  • Use complex passwords.
  • Back up your important data often.
  • Use some kind of anti-theft accessory for your mobile devices, like Kensington locks, Bluetooth proximity alarm, "marking" your hardware with something like Retainaguard, consider using software that 'locates' your equipment and locks it for you, etc.
  • Secure your wireless network since most wireless routers may be set to no security when you install them.
  • Disconnect from the Internet when not in use.
  • Delete all unsolicited emails (especially those with attachments/links) without opening them.
  • Don't click on ads.
  • Don't fall for virus hoaxes or chain mail.
  • Be careful about allowing remote access to your computer.
  • Do frequent checks for malware and adware: ADWCleaner, Malwarebytes
  • FBI Tips (FBI)
  • Password Strength (XKCD)
  • Trigger Warning - Creating a Password (profanity but funny)
Interesting Links
BACK TO TOP

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

Tuesday

GAMEPLAN

  • Internet/account security
  • Identity security issues

DISCUSSION

!!!!!!!!!!! Life/Singularity Handled by Lawyers !!!!!!!!!!!

Identity Security issues
  • Identity Security: Another form of information security, which focuses on the security and protection of people's identity, accounts, and finances from intentional misuse and crime by others. Identity security is different from identity privacy (personal information shared/sold), although they have some overlap in effects to you.
  • Harassment: Directed obscenities and derogatory comments at specific individuals focusing on gender, race, religion, nationality, sexual orientation, etc. May include actual specific threats.
  • Cyberstalking: Use of electronic means to stalk, terrorize, harass, or otherwise control an individual, a group of individuals, or an organization.
  • Cyberterrorism: Scams and attacks that are part of an organized effort by cyberterrorists and/or foreign intelligence services. Can include cyber warfare.
  • Fraud: Unscrupulous people use data about you online to target you for phishing scams, access your money, and to commit other crimes.
  • Identity Fraud/Theft: Stealing or using someone's identity in order to access resources, information, obtain credit, and/or steal finances or other benefits in that person's name. Identity fraud victims often do not know how their personal information was obtained - through malware, cyber attacks, skimming financial card info, finding published user information and privacy details, etc.
  • Stop Watching Us (BoingBoing)
  • Onion Map (The Onion)
Computer/Account Security tips
  • Beware of Skimmers. Check out some of the kinds of credit card/info skimmers.
  • Protect your own computer and mobile devices with a firewall and good antivirus software. Examples include Kaspersky, McAffee, Norton, AVG, and Microsoft's built-in firewall.
  • Avoid downloading free software, and most especially avoid accepting any free toolbar, new search engine, or other downloadable adware attached to most free software downloads.
  • Create strong passwords. do not give them to anyone, and be willing/able to change them regularly/as needed to other strong passwords. They should not contain easily identifiable information like birthdates or addresses. They should contain either a combination of words or a combination of small and capital letters, numbers, and special characters like ! and ?.
  • Do not click links or images in any of your email, especially since email from your own friends might be hijacked and sending you attempts at phishing and malware.
  • Do not respond or click any attachments, links, or images of any email that is trying to get you to give any personal or security information. Even if you get an email from a trusted vendor or service you use, it is 99% likely to be a carefully constructed scam.
  • Limit the information you give out to any website that you register for, reply to a survey from, do a poll or petition on, and make purchases from. For transitory websites that demand an email, create a free "throw-away" email account as a dumping spot for unwanted emails.
  • Use any and all privacy options offered by your browser(s) and by any social networking and website accounts you set up. Many websites give options to suppress the amount of personal information revealed through the customization of privacy settings. However privacy settings can reset if changes to the website occur, so be willing to check up on your main accounts, like Facebook, Twitter, Amazon, your utility and banking websites, etc.
  • When choosing privacy/security questions and answers, choose unlikely questions and give answers that are not aligned to real-life info.
  • Never give out your SSN or other private financial or account information online, with the rare exceptions of US government sites (Employment Security, online income tax filing). Be absolutely certain you are on a secure website during any financial transaction.
  • Passwords (MeatballCandy)
Interesting Links
BACK TO TOP

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

Wednesday

GAMEPLAN

  • Information Systems

DISCUSSION

Information systems
  • What is an Information System? (YouTube/owner)
  • The study of theories and practices of social and technological phenomena which determine the development, use, and effects of information systems in organizations and society.
  • Also, the software and hardware systems that support data-intensive applications, like e-commerce, database applications, medical records management, etc.
  • Also, a component that supports the information needs of an organization.
Components of information systems
  • Input: Information resources needed to plug into an organization's plan of action - data, tools, info about supplies and costs, customer needs, etc.
  • Processing: The organization and management of the resources in a useful way with the intent to produce a result beneficial to the organization - plan for a product or service, research results, etc.
  • Feedback: The storage and updating of information for output and future use.
  • Output: An information product resulting from the processing of the information resources - a report, database, analysis result, etc.
  • Control: The filtering, sorting, and clear organization of the stored information.
Types of information systems
  • Transaction processing systems: A type of computing that divides work into individual operations, called transactions, which allow for the collection, processing, storage, and results of information and activity. Focus is on storage and retrieval of data, and archiving of unneeded data.
  • Management information systems: These give business managers the information that they need to make decisions - sales, inventories, supply chain, customer relationships, human resources, and other data that help in managing an organization.
  • Enterprise resource planning: Systems that integrate internal and external management of information across an entire organization using a unified database or data warehouse. For instance, MyGHC, Amazon.com's core database.
  • Search engines: These store information in databases about web pages, which they retrieve from links on web pages and supply results to user queries.
  • Geographic information system: These are designed to capture, store, manipulate, analyze, manage, and present all types of geographical data. Google maps and GPS systems in cars are usage examples.
  • Office automation: The varied computer machinery and software usedmto digitally create, collect, store, manipulate, and relay office information needed for accomplishing basic tasks
Use of information systems
  • An organization has many forms of information system transactions happening at once - financial, supplier, customer, employee, marketing, payroll, business requirements, etc.
  • Businesses need information at the fingertips in order to communicate with customers, negotiate prices with vendors, manage employees, track and control costs, market products and services, etc.
  • Information comes in thousands to millions of different pieces from different forms of input: employee data entry, customer online account creation, vendor pitches and sales, government regulations, interactions with related businesses, etc.
  • Businesses focus on efficiency and adding value to products, services, speed of service, and customer relationships in order to maximize profit and minimize costs and errors.
Why this matters
  • It gets things done!
  • In practical terms, our whole lives have been digitized. Every service, sale, procedure, job, and activity we access is organized and offered due to the use and management of systems of information.
  • Information is captured about us, and provided by us, for every activity - registering for school, applying for and getting a job, making purchases online, using phone services, going to the doctor, etc.
  • The more information there is available about us, the more effective a business can be about targeting products and services to us.
  • The more information a business has, and the better able the business can manage and use that information, the more likely that business will be able to minimize its costs and maximize its profits and successes.
E-Business
  • E-Business is the application of information and communication technologies (ICT) in support of all the activities of business.
  • The strategic focus with an emphasis on the functions that occur using electronic capabilities, such as email, databases, e-commerce tools, social networking, etc.
  • Includes processes spanning the entire value chain: electronic purchasing and supply chain management, processing orders electronically, handling customer service, human resource management, data collection and marketing, and cooperating with business partners.
  • E-business is 24 hours a day, 7 days a week, without holidays or even weekends in many cases. Businesses use global call centers, global distribution centers, and other resources both inside and outside the organization's home country.
E-Business relationships
  • B2B: Business-to-business, which refers to commerce transactions between businesses, such as between a manufacturer and a wholesaler, or between a wholesaler and a retailer.
  • B2C: Business-to-consumer, which refers to commerce transactions between businesses and customers - retail sales, etc.
  • C2C: Consumer-to-consumer, which refers to electronically handled transactions between consumers through some third party. Examples include PayPal, Craigslist, etc.
  • B2E: Business-to-employee, which refers to an intrabusiness network which allows companies to provide products and/or services to their employees. Examples include online insurance management, employee benefits reporting, etc.
E-Commerce
  • E-Commerce is the industry in which the buying/selling of products or services is conducted over electronic systems such as the Internet and other computer networks.
  • Services/activities include banking, product purchases, shipping, electronic funds transfer, inventory systems, travel booking, and data collection
  • Sales outlet websites
  • Demographic data for marketing and targeting customers
  • Business-to-business exchange of data
  • Media for reaching customers - email, instant messaging, blogs, forums, etc.
  • Commerce transactions between businesses, such as suppliers and vendors
  • Security of business transactions.
Online shopping info
  • In 2012, U.S. e-commerce sales amounted to 289 billion U.S. dollars, up from 256 billion U.S. dollars in 2011. What are people buying online??
  • A 2012 e-commerce market forecast projects online retail revenue in the United States reaching 361.9 billion U.S. dollars in 2016
  • The number of U.S. digital shoppers is expected to grow from 137 million in 2010 to 175 million in 2016, according to eMarketer estimates.
  • Currently, more than 37.6 million people in the United States are mobile buyers, using their tablets, smartphones and other connected devices to shop online.

Interesting Links

BACK TO TOP

TO DO

  • ITC QUIZ 8: Due Sunday, November 30.
  • ITC ASSIGN 8: Due Sunday, November 30.
  • ITC FINAL: Powerpoint file, upload on CANVAS tool, before NOON, Tuesday, December 9, 60 points.
    • Classroom Final Presentations will be held during finals hours: Room #3168, 8:00am, Tuesday, December 9.
Resources
  • Book: Chapter 23
BACK TO TOP