Introduction to Computer Information Systems/Computer Security

Hardware Loss or Damage

edit
 
Brokenlaptop

Hardware loss is inevitable. With so many people wanting the latest and greatest, you could imagine that others might get jealous, or desperate. Hardware theft is prominent and a large issue in the world. For whatever reason, peoples personal possessions are stolen. They could be stolen for valuable information, or just to pawn off the items for some quick money. With 1.6 million phones being stolen, this is an issue that needs to be dealt with.[1] Hardware loss is not the only way someone could lose their laptop or Android.[2] Hardware damage can render any of the latest and greatest useless. Whether is was a clogged fan, spilled water, or dropping it on the floor. When that moment arises, you know that it could all be gone within a matter of seconds.

File:Viruses.jpg
Not Good...

System Failure is the complete malfunction of a computer system. This may be due to hardware failure, severe issues with certain software on the computer, or even a computer virus. Frequently, system failure will cause the computer to freeze, reboot, or stop functioning altogether and the repercussions of such an event can be devastating for a business. The result is often either the loss of important data, delays in the transfer of important information, and in some cases even the inability to function properly. An easy example of a system failure can be seen in the lawsuit California issued against SAP Public Services Inc.[3] California's payroll was affected by SAP's software solutions which cost the people of the state of California $250 million as well as delaying the paychecks of numerous employees of the California government. In this case, there was no loss of data but rather delays in the transfer of information as well as the corruption of it. Some checks were overpaid, others were underpaid. In some instances the incorrect spouses were paid for child support which could have culminated in the court intervening for an unpaid mother or father. Insurance benefits were also denied to others because of the system's inability to transmit data regarding medical deductions. It can be easily seen how a system failure can affect multiple people on many levels with a case like this, and how quickly the ability to function properly can be the result. The corruption of data and the inability to transfer it swiftly produced one of the largest debacles in government at the state level in recent times.

 
Computer locked

Along with hardware loss there are also ways to prevent and deal with unfortunate situations along these lines. Knowing about computer security can prevent many incidents from occurring that could result in the loss of personal information as well as the money you have put into your computer. The first tool for containing computer security can simply be just making sure what you have on your computer is information that could not damage your life if it was lost. But we do not live in a perfect world, and sometimes things slip and a credit card statement or a password to important information can be released. In this case, you should take all steps to prepare yourself to deal with that situation before it is too late. Software programs are available and free, however, such as “Adeona” which can be installed very easily onto your desktop. This program tracks the location of laptops, and can even take pictures of the perpetrator if you have a Mac. There is a recovery tool which can send you a text file of the information contained about the theft of a laptop, which can then be taken to the police to hopefully resolve the issue and bring liberty to the situation. There are other programs like this are available, as well as alarms that can be put on your laptop if someone unplugs it or puts in a wrong password. Steps like this can be taken to prevent loss of your computer and help keep your information safe.[4]

 
Surge Suppressor

As discussed before, hardware loss is a very unfortunate situation that can result in the loss of important data. The loss of data can be influenced by many things, including power shortages. A way an individual can protect their data is by using different devices that are available to purchase and use with their device. Surge suppressors provide an individual with the assurance that their hardware will be protected from damage in case there are electrical fluctuations. Surge suppressors work in a very simple way with few steps. The device protects an individual's hardware by channeling the extra voltage into the outlet's grounding wire, preventing the extra voltage from going to the device. However, the device still enables the normal amount of voltage to pass through to the device. An individual can also protect their hardware by investing in a uninterruptable power supplier, otherwise known as a UPS. These devices provide continuous power to the device if the power were to go out for a period of time. Another way that enables individuals to protect their data is by backing up their data. It is important for both businesses, as well as individuals to backup their data. There are multiple ways individuals can do so. One option that is available is to consider remote locations to store data, in case there is system failure at a main location. Another option is to store data through an internet "cloud" system. Overall, it is very important to backup data, regardless if an individual is convinced their data will not get stolen or destroyed. [5]

Locks

edit
 
WD disk with kensington

One form of physical security that is available on most electronics is the "Kensington Lock" or "Kensington Security Slot" (a.k.a. the "K-slot"). It's ubiquity amongst electronics has allowed it to become an industry standard on everything from PC cases, to laptops, to monitors. This type of anti-theft protection was patented in 1999 by the company Kryptonite. [6] This security measure is most often used in the scenario of a coffee shop, as if someone was going to run off with a laptop, it would add another level of complexity, making the laptop cumbersome and also raise suspicion in the eyes of observers of a theft. There has not been any physical locking mechanism as common as this to date.

Mobile Device Management

edit
 
Many schools are now switching from textbooks to tablets so the use of mobile device management has grown

The management of mobile devices is very common within institutions such as schools or companies that have mobile devices for their students or employees. The management of mobile devices can apply to many different situations. For example, it can apply to the management of devices owned by the institution. It may also apply to the management of devices that are connected to the wireless network of the institution. Usually, the IT department of the institution utilizes a third-party software that allows certain restrictions to be placed on particular mobile devices whether it be phones, tablets, or laptops.[7] Some popular softwares include AirWatch which is distributed by VMWare [8] and maas360 which is distributed by IBM.[9] Apple also has their own device management software that is integrated into iOS devices.[10] Some restrictions that may be implemented by mobile device management include the restriction of certain websites or applications. IT may also completely block the ability to download applications or surf the Internet on the devices. Although restriction to apps can be implemented, the management of mobile devices also includes the installing of apps onto devices. For example, if an entire company shares information and files through an application such as DropBox, then the IT department may simply install the application onto every device. This also allows for IT to update the app when needed instead of relying on the individual users to download the update. Another use of mobile device management is the restriction of features on the phone. For example, IT may restrict access to the camera to avoid pictures being taken within the workplace.[11]

Ruggedized Devices

edit
 
Panasonic Toughbook

Ruggedized devices are devices designed to withstand large amounts of physical abuse. There are two different classifications of ruggedized devices. Semi-rugged devices are able to withstand things like rain and dust, while ultra-rugged devices are able to withstand drops onto hard surfaces. These designs can also protect against accidental beverage spills and small burns. Ruggedized devices are often used by people who work outdoors. For example, construction workers, police officers, firefighters, and military personnel will often use ruggedized devices. Construction workers often use weatherproof stereos near worksites that prevent dust from getting in. Police officers will often have rugged laptops in their vehicles due to the possibility of extreme weather during investigations. Firefighters need their heart rate monitors and communication devices protected from high temperatures and the possibility of stray flames. Military personnel use rugged radios and video cameras during combat. Laptops and phones are among the most popular types of rugged devices.[12] Panasonic, an electronics company, produces a bestselling rugged laptop called a Toughbook. A Toughbook is usually very bulky and has a longer battery life compared to regular laptops.[13] Samsung produces a popular rugged cell phone called the Galaxy S5 Active. The Galaxy S5 Active was engineered for active lifestyles. It is water-resistant and shock-resistant.[14]

Mobile Devices

edit

As mobile devices become more common place, new cases and mean of protecting them are becoming more and more common. This is especially prevalent for smart phones. Smart phone are a substantial investment, and as they are used quite often, there are many opportunities for the device to be dropped, soaked, or crushed. As people want to protect their device, cases are found on most phones. They can be quite simple, just a piece of formed plastic, or quite advanced, with some completely sealing off the phone from scratches, dust, and full water immersion. Phones are not alone regarding protective cases. As tablets are used more and more, special cases are being made for their protection as well. Some cases protect the device, and provide a mounting point to use on steering wheels, dashboard, or vehicle windows. Many of the mounts are removable so the device can go from a navigation aid back to a phone in seconds.[15] Cases usually have some kind of screen protector to protect against scratches and sun glare. These protectors are thin pieces of plastic, which stick to the screen of the device. The thin plastic allows for the continued use of the touch screen, and provides protection. As the plastic gets scratched, it can be replaced.

 
The rear of the case with mounting hardware in view.

Encryption

edit
 
Ordinary hard drives like these may in time be replaced by self-encrypting ones.

As discussed previously in this Wikibook, it is very important to encrypt one's data and prevent it from being accessed by outside individuals. Two specific encryption measures are full-disk encryption (FDE) and self-encrypting hard drives. Full-disk encryption consists of encrypting all of the data on a storage medium, not just the individual files. Self-encrypting hard drives are ones that automatically encrypt stored data without the user having to manually do anything to encrypt it. The encryption occurs completely automatically and invisibly to the user from the moment the hard drive is manufactured, and they provide full-disk encryption. The encryption cannot be turned off and does not interrupt the work flow of the user. These devices protect data even when employees violate company policy by turning off network security features. SEDs are still rather expensive, so they are not as commonplace now as they might be in the future if costs decrease. They only started shipping in 2009, so it is likely that in the future, they will become cheaper and more common, increasing security standards and helping to keep the data of individual users, companies and corporations, and governmental agencies inaccessible to and safe from outside forces and hackers.[16]

Software Piracy

edit

Software piracy, a common name for file sharing, is the illegal copying and distribution of software. It is unauthorized by the copyright holder of the software, and it is a widespread recurrence in the computer era of today. If one purchases a software, he or she is not the owner of that particular software, but he or she is only licensed to the software. This means he or she can make copies, but for their own use only, or as stated in the End User License Agreement. In the United States and other countries, it is illegal to make copies of software, movies, CDs, etc., and then redistribute these copies to someone. In countries such as Sweden, copyright law restricts people to non-commercial sharing. A few common types of software piracy are the following: counterfeit software, OEM unbundling, soft lifting, hard disk loading, corporate software piracy, and Internet software piracy.[17] Software piracy is debated currently, with one side stating that it has a negative effect on the economy because it reduces the funding for ongoing developmental efforts, and it prevents users from getting high quality technical support and product updates, while the pro-sharing argument states that people should be allowed to share as they wish, and the financial benefit of corporations granted by Intellectual Property Law is unjust. However, BSA is a common software who is a global organization that forms to advance free, and open world transfer for legitimate software by advocating strong intellectual property protection. The BSA works with many software and commercial companies to stop file sharing.

 
Piracy cartoon

What some people may not realize is that after purchasing software, they do not own the software, but have instead purchased a license to use the software. Upon purchasing software, the purchaser has agreed to certain limitations concerning the software, such as only using the software on one computer. The purchaser also agrees to not make any illegal copies or install it on a computer other than their own. Any illegal act concerning misuse or duplication of software is known as software piracy. There are many ways to prevent and protect against software piracy. One tip is to better educate consumers and businesses of the threat of piracy. Some consumers may be purchasing pirated material without even having knowledge of it. It is important for people to use credible sources when purchasing software. Also, it may help to make people more aware of the damage that using pirated material can cause. According to the BSA, (Business Software Alliance) revenue loss in software companies in 2008 reached fifty billion dollars. According to the BSA Global Software Piracy study, fifty seven percent of the Worlds computer users admitted to using pirated software. Whether it is the unauthorized installation of a program onto a computer, or the illegal distribution of software, it is considered software piracy and is punishable by the law. Perhaps educating people on the large deficits software companies experience due to piracy would make the act less prevalent.[18]

Electronic Profiling, Privacy Policy and Spam

edit

Marketing Databases

edit
 
Different Ways to Use Psychographic Data in Online Marketing

The most types of direct marketing require a database with customer information. With this information the seller can design communication taking into account the individual characteristics of prospective customers, both private individuals and companies. The database is being formed for a considerable time, or being purchased from specialized companies, supplying various specialized databases. Marketing databases - is the process of creation, maintenance and using of customer information for the purpose of contacting the latter and do the business. Along with information about the actual customer, has used the services of the company, they should be collected information about potential consumers. Databases should be constantly improved based on the accumulation of information about the value of the consumer - the frequency and the value of purchases made by him. This method of maintaining the database using the ranking values consumer received the name of the method RFM (Recency, Frequency, and Monetary) Value of Purchases. Other information required to replenish the database may include the payment method of purchase, Buyer, the character they buy goods or services. Marketing Database will be most effective if it is focused on building relationships. Direct marketing does not have to be like a "single shot", which are intended to entice buyers to a rapid response before they become distrustful. Building relationships with customers should be based on their life values (method CLV). Only in this case they will be long-term and will bring tangible benefits. However, before you start to build a relationship, you need to carefully select the most prospective buyers who can make the biggest contribution to the volume of sales made. To select these buyers, marketers often develop consumer profiles. Building relationships with customers by CLV is impossible without a comprehensive study of the characteristics and properties of consumer goods, as well as determine the degree of customer satisfaction and the availability of personalized information. However, with the information is too personal should be very careful, as their use in communication can lead to a negative reaction from consumers.[19]

Electronic Profiling

edit
 
Amazon uses electronic profiling to make suggestions as to what people might like to purchase

Electronic profiling is when marketing companies collect information about an individual. They can get the information from purchases that a person makes on the Internet, as well as public information like births, marriages, vehicle registrations, etc. An electronic profile usually consists of a person’s name, age, telephone number, marital status, number and age of children, spending habits, and previous purchases. This is how online websites like Amazon can make suggestions of what someone might want to buy.[20] That information can then be sold to companies who may ask for it for marketing purposes. Most businesses that collect personal information have a privacy policy, which will tell you how your personal information is going to be used and as long as the business follows what they say in their privacy policy it is legal for them to sell your personal information. The problem with this is that sometimes privacy policies can be unclear in their intentions and they can be hard to decipher. Companies may also change their privacy policy often and people don’t take the time to read through it. Electronic profiling also leads to behavioral advertising, where someone might see advertisements about things in their area or about people that are around the same age and gender as them. It is kind of crazy that the computer knows that about someone and then can apply it to the things that person looks at.[21]

 
People's Information is used for Marketing Databases.

The Direct Marketing Association (DMA) is the main advocator of electronic profiling. Electronic profiling has become an entire industry, thus the DMA voices against privacy policies that would keep consumer’s information from being used for marketing and advertising. Profiling data has been sold long before the internet, however, online tracking has made it develop even more. While most of this information is sold for marketing or spam purposes, it can also be used for individual use. Websites such as whitepages.com and switchboard.com allow anyone to search for a person’s name and city, and results show up giving personal information including their house address, phone number, email address, and relatives. There are ways to avoid having your information out in the open. First of all, there are some common sense rules such as limiting how many organizations or stores information is given to, not giving out an email address when it is optional, and not giving out your social security number. According to the Electronic Privacy Information Center (EPIC), other ways to self-defend your privacy include the following: reading privacy policies, no matter how tedious or long it may be; being aware of when companies change their privacy policies, as many companies change them often; opting-out from pre-approved credit companies and from information sharing; making sure that when you opt-out from these things, that the permanent box is selected or else many times you can be re-added after a period of time; requesting a “temporary” change of address when filling out a Postal Service Change of Address Card so that the information does end up in any database and thus cannot end up in a profiling database; and lastly, be careful of catalogue merchants and be sure to ask that they do not sell your information; never buy anything from a telemarketer call or an infomercial, as they almost always are putting your information on an automatic “responder list”. It is always good to be cautious when giving information out, no matter what organization or personal is receiving it.[22]

Privacy Policy

edit
 
Privacy Policy « CubeMe

A privacy policy is a document that explains how an organization handles any customer, client or employee information gathered in its operations.[23] It usually declares what specific information is collected and whether it is kept confidential or shared with or sold to other firms, researchers or sellers.[24] The policy should also explain if data may be left on a user’s computer, such as cookies. According to best practices, the policy should disclose if data may be shared with or sold to third parties and if so, what the purpose is.[25] Personal information can be anything that can be used to identify an individual, not limited to but including name, address, date of birth, marital status, contact information, ID issue and expiry date, financial records, credit information, medical history, where one travels, and intentions to acquire goods and services. Most websites make their privacy policies available to site visitors.[26] For example, Facebook has updated its privacy policy to make it easier for users to understand, cutting around 70 percent of the previous privacy policy.[27] Critics also question if consumers even read privacy policies or can understand what they read. . A 2001 study by the Privacy Leadership Initiative claimed only 3% of consumers read privacy policies carefully, and 64% briefly glanced at, or never read, privacy policies.[28]

Spam

edit
 
Spam

Spam, officially known as Unsolicited Commercial Email (UCE) or Unsolicited Bulk Email (UBE), is the use of electronic messaging systems to send unsolicited bulk messages.[29] Spam can be sent to personal email addresses as well as to cell phones sent as a text message. Some frequently seen spam examples include advertising for specifically health-related products, pornography, and business opportunities, such as buying and selling stock. With a world full of technology and information around us, individuals can easily receive any email address from a number of ways. Companies receive email addresses either directly from the individual, or through 3rd parties that have a partnership with the other. Personal information can be entered into a database and then spam can be sent out to those individuals. Spam can also be sent over social media sites like Facebook, Twitter, or Google+. Many email clients now have a separate folder marked “spam.” This is helpful to individuals because they will now be able to see what is considered “spam” before they open the email or attachment. With text messages, most people ignore or delete those messages. Marketing databases are easy ways to get on a spam distribution list.[30] Surprisingly, most spam is considered illegal, however there are certain guidelines that hackers can follow to be able to send spam emails or messages. It is difficult to stop the spamming, but in recent years, many have been convicted of spamming materials being sent to customers and individuals.

Protecting Against Spam

edit
 
Get rid of unwanted emails

One way of safeguarding against spam is to protect the privacy of personal information. Individuals should protect your e-mail address and other personal information. Individuals can also surf the Web anonymously, opt out of some marketing activities, and use filters to limit your exposure to spam e-mails. One suggestion to avoid spam is to have two e-mail addresses. You should have one e-mail for personal address for family, friends, colleagues, and other trusted resources. The second e-mail should be a disposable or throw-away e-mail address which can be used for online shopping and signing up for free offers. One valuable piece of information is that less-legitimate sources of spam have unsubscribe links that do not work or that are present only to verify that your e-mail address is genuine! One online article suggests using the blacklist option in your e-mail. Blacklists permanently block emails form selected senders or servers. Once you blacklist a domain, server, or sender, those senders simply cannot contact you. The article also suggests to report spam to your e-mail provider, this will help over all to address the spam problem because the more you report spam the more your e-mail provider can work behind the scene to filter and block the sender, domain, or server from sending e-mails to you and other legitimate, personal e-mail addresses. Also, always be cautious of revealing personal information online. Lastly, make sure to use filters and opt out, which refers to following a predesigned procedure to remove yourself from marketing lists, or otherwise preventing your personal information from being obtained by or shared with others. When you opt out, you are instructing companies you do business with not to share your information with third parties.[31]

Properly Dispose of Hardware Containing Data

edit
 
Wipe, not just delete!

A perfect way to unintentionally, yet practically hand your sensitive information to computer thieves would be carelessly throwing away your hardware containing that information, thinking it is no longer worth anything. When discarding an old computer, hard disk, or any other device which contains data storage media (eg, a hard drive or a flash drive), it is crucial to make certain there is absolutely nothing left on that storage medium.

The most basic problem is that, in most cases, deletion (eg, into a trash can icon) does not do what most people think. Instead, for reasons of efficiency (it's faster!), this sort of deletion merely marks the file space on the storage medium (eg, out on the hard drive) as no longer containing anything that must be saved, but is now free to use. The information in the "deleted" file is still present, and with special software, can be entirely recovered.

It is sensible to shred important discarded documents, DVDs, CEDs, and such so that the information they contain is effectively impossible to recover ("cross cut" shredding is far preferable, as it is much harder to recover). The data on hard drives or other storage media must be similarly rendered unrecoverable. Currently, the most commonly recommended technique is to overwrite the space used by the to be deleted file several times. The US Government has specified a series of such overwrites (all 0's, then all 1's, then random data, etc) if the storage media is to be reused. It is somewhat time consuming and users are often reluctant (or forgetful) to do so. Note that merely reformatting the storage space on a disk (which is often thought to be an effective way of "wiping" data from a hard drive), is not at all equivalent. Most such formatting does not overwrite the entire storage space on a disk, but rather only reestablishes block boundaries and pointers the file system requires to use the disk. The existing data is not removed, and with sufficient effort and skill can be mostly recovered.

Another way of disposing of discarded data is degaussing. Old data can be degaussed by exposing magnetic media to a very strong magnetic field. This is difficult in the case of a hard drive in which the magnetic surfaces are within a metal container, and most likely shielded by the other platters from the erasing field. Organizations with extremely high security requirements have been known to melt hard drives in a furnace, or to disassemble them and sand all the platter surfaces until the magnetic film layer is destroyed. Destruction of discarded data is so important in modern times that a great many businesses have developed and implemented a mandatory media sanitization or data destruction policy. [32]

Electronic Surveillance

edit

Computer Monitoring Software

edit
 
Do you get the feeling you're being watched?

One popular tool of electronic surveillance is computer monitoring software. This software is used specifically for the purpose of recording keystrokes, logging the programs or Web sites accessed, or otherwise monitoring someone's computer activity. Some of the highest rated computer monitoring software includes SpyAgent and WebWatcher.[33] It is legal to use this software, either on your own computer or the computers of your employees. However, installing it on another computer without the owner's knowledge is typically illegal. Considering that this software is created to pretty much make sure your kids, spouse, or employees aren't doing anything on the computer that you don't want them to be doing, there are some ethical issues to consider. On the one hand, sometimes kids need help building self-control and avoiding predators so having their internet time monitored can be helpful for parents to use as a teaching tool. On the other hand, if you are supposedly in a loving and trusting romantic relationship, one could argue that you shouldn't be spying on them to be sure that they aren't cheating. As humans, we enjoy being trusted to do the right thing... and we get less credit for doing what we're supposed to do if put into an environment where there is no opportunity to get away with something dishonest. Still, computer monitoring software continues to be popular, and that isn't likely to end in a global culture that grows increasingly paranoid.

Employee Monitoring

edit
 
Always watching

Employee monitoring refers to companies recording or observing the actions of employees while on the job. Common employee monitoring activities include screening telephone calls, reviewing e-mail, and tracking computer and internet usage. Usually, the primary motive is to monitor internet usage for legal liability, but monitoring employee productivity can be for many reasons. Employee monitoring may sound unethical to the point of it being illegal; however, legally, employees have little recourse, and the few cases brought up to court tend to go against the employee.[34] An increasingly popular way of tracking employees comes in the form of smart of RFID-enabled ID cards. These cards are often used for access control (entering a building; automatically locking a computer when a certain distance is reached), but tracking an employee using GPS is also possible. Comprehensive employee monitoring systems can be expensive, so alternatives such as employee training and education are also often explored. Regardless of the techniques used, most believe that from an ethical perspective businesses should inform employees about their monitoring practices, even though they are generally not required to do so by law. However, legislation is starting to address employee monitoring. For example, several U.S. states are considering laws to prevent employers from implanting employees with RFID chips without the employee's consent. At least in the United States there are no strict laws surrounding employee monitoring, as the benefits of security, productivity measurement, and legal compliance outweigh the potential negatives. This is the case in most nations.

 
A typical surveillance system monitoring work production

Employees need to be very aware of their actions while working on the clock, as companies can monitor exactly what employees are doing or saying and how productive and efficient they are being while on the clock. Phone calls can be screened, emails can all be archived, website browsing can be tracked, and their every movement can be watched through cameras. Some practices are more common in different workplaces. For example, retail stores generally keep their employees under close surveillance to make sure they are not allowing theft, or engaging in it themselves. Other office positions can remotely access the computer desktop of employees and see exactly what is open on their screen. What some might view as a more extreme case includes GPS based systems installed in company cars to make sure vehicles remain within designated areas. Some individuals see monitoring as a breach of their privacy, but employers are more concerned with the productivity, safety, and liability of their employees. An alternative to continuous monitoring would be frequent training and education. But undoubtedly surveillance and monitoring of employees will persist as employers worry about new avenues for individuals to misbehave at work due to advances in technology.[35]

Video Surveillance

edit
 
Video surveillance
 
Video surveillance sign

Essentially, the idea of video surveillance is exactly what it sounds like: the use of video cameras to survey an area of monitor what is going on. We see examples of this every day: traffic cameras, police car cameras, ATMs, most retail stores, and even many mobile phones. The world of technology expanding so much that it is becoming increasingly difficult to find places that are not under some sort of surveillance. Many offices and schools implement these systems to keep track of students/employees and ensure they have a visual record of an incident if anything were to happen. Police use this in their cars to obtain a record of their activities on the job. Retail stores and ATMs use them to reduce crime/theft. Most of us have, at one point or another, waved at those small black and white television screens that show us "on TV" in stores, when the truth is we were waving at the video camera recording our every action for someone to review later on. And, more shockingly, the photos and videos people take today just using their phones can be used to link persons to crimes, events, locations, and so much more. while the expansion of video surveillance does create some privacy concerns, it has been useful (especially combined with other technology like facial recognition) in solving crimes like discovering the people responsible for the Boston bombing, as well as many other crimes.[36] There are multiple problems with video surveillance other than privacy concerns. First off, politicians are trying to push for more video surveillance cameras to curb violent activities like terrorist attacks or murders. The only problem is that video surveillance will not stop these actions, even though it might help find the culprit. The person committing the action is not deterred by the fact of them being on camera, and in some cases the individual actually wants to be filmed to become infamous on news coverage of their actions. Another issue is the abuse of the video surveillance cameras. Reviewers of video cameras, mostly government officials, can blackmail people they are observing. An instance of this was when an official reviewed tape near a gay club and searched license plates to find the backgrounds of the men in the club to see if they were married in order to extort money. Other situations where this can happen are to prevent activists from meeting for racial, ethnic, or religious causes. A third issue is the fact that there aren’t many limits or controls on surveillance systems, and soon enough our every move will be watched by our government. This does lead to a privacy concern, but it should be noted. Many people like their privacy and video surveillance cameras are slowly chipping away at this right of the people. In total, there are many advantages and disadvantages to video surveillance.[37]

 
The military using electronic surveillance

As technology evolved so did the advancements in video surveillance. One of these many advances is All-Weather Radio Frequency Surveillance. This security system makes use of radio frequency detection to detect things even under heavy weather conditions such as fog. This is used by the military in detecting intruders. Another innovation is something called SafeZone, which is a technology that can spot the presence of weapons by detecting the shape of firearms. The technology also triggers things such as calling law enforcement or locking doors. Maybe one of the most useful innovations is that of High Definition Video. Thanks to high definition video it has become easier for video surveillance to detect threats and compare faces to the criminal database. One innovation that is helpful for retailers is that of surveillance feeds on smartphones. By being able to put the surveillance feeds of cameras on smartphones it makes it easier for retailers to check their stores even while on the go. There's also the fact that surveillance is now offered as a service. This makes having video surveillance more accessible even for those who don't know how to use video surveillance. Even though video surveillance is something that some people don't accept, hopefully technology can still further improve video surveillance in order to at least try and make the world a little safer.[38]

Presence Technology

edit
 
Instant Messengers use presence technology so users can see who is available to chat.

Presence technology is the ability of one device connected to a network to recognize and identify another device on the same network. This gives the ability for one device to tell the other device’s status, such as if it is being used or available for communication. There are many different ways to implement this technology, including software, GPS, or RFID. A good example of this technology can be seen in Instant Messaging programs. A user is able to see whether or not other people are online and active on the messenger. Presence technology is an important part of the 3G wireless network.[39] Mobile phones use this technology all the time, such as being able to share your location with someone through GPS or seeing if the other person is typing on iMessage. Not only is this technology good for personal use but also for corporate use. Presence management can be used in many methods, for example to see if a certain employee is available to help a customer at the moment. Most of the time the user can change settings in order to allow certain features of presence technology to be activated or not in order to protect their privacy.

Software Piracy and Digital Counterfeiting

edit

Digital Counterfeiting

edit
 
100 USD watermark

Digital counterfeiting is using computers and other digital equipment to make illegal copies of currency, checks, collectibles, and others. It is important to be able to prevent digital counterfeiting that way the value of the currency (if that is what is being counterfeited) will not lose its value. The prevention of counterfeiting is a concern of everyone and should not be taken lightly. The Treasury Department makes a new design of the currency every 7 to 10 years in order to not have the money all stay the same. New features on the currency help to make it harder or even impossible to remake. Watermarks and security threads are a few ways that the Treasury uses to help make the digital counterfeiting not possible. Watermarks are recognizable images on papers that can be viewed through transmitting light. On the 5 dollar bill, a 5 was added to the right of the portrait, while previously it was a watermark of Abraham Lincoln. Another watermark was added on the 5 dollar bill, it was a column of three smaller 5s and they are to the left of the portrait.[40] These small changes really do overall help with being able to prevent counterfeiting since they are harder to remake.

Software Piracy

edit
 
Anti-Stop Online Piracy Act

The unauthorized (and therefore illegal) copying of a computer program is known as Software Piracy. It is a widespread problem that often proves difficult to harness because computers are quickly and easily able to create exact copies of a single program. It is estimated that 42% of all software installed on personal computers globally (about 20% of all software in the U.S. and at least 90% in five countries) is installed illegally, leading to an annual monetary loss of $59 billion worldwide to software vendors. The act of pirating software includes, but is not limited to -- making illegal copies of programs and distributing them to others, businesses extending software to more devices than permitted in the end-user license agreement, retailers installing unlicensed copies of software on purchased computers, and illegally duplicating software and its packaging which are then passed off as legitimate. Pirated software, CDs, and DVDs may be downloaded from Web sites and peer-to-peer file sharing services, sold at online auctions, or disseminated other ways (regardless of profit), all of which are illegal. The SOPA has aimed to stop the illegality of pirating online materials, but it still remains illegal in the United States and most other countries. [41]

Computer Security and Privacy Legislation

edit

Computer Security

edit
 
Security Block

Computer security is the protection of computing systems and data that can be stored or accessed. Being educated about the computers security will benefit the user by enabling people to carry out their jobs, education, and research supporting critical business process, as well as, protecting personal and sensitive information. Good security standards found that 10% of the security safeguards are technical and the other 90% security safeguards rely on the computer user to adhere to good computing practices. When using a computer, it benefits the user by understanding how to keep their computer and data secure. Some key steps are to use secured passwords, making sure it’s personal that no one will discover and that you always will remember it, in addition to, making sure the computer is protected, not clicking on unknown links, and not downloading unknown files or programs onto the computer. To help reduce the risk, look out for padlocks that appear in the URL bar before entering any personal information. This leads to the risks of the security of personal information, loss of business information or loss of employee and public trust. Other risks can be known for expensive reporting requirements in case of securing personal, financial or health information.[42]

The U.S. Safe Web Act of 2006

edit

The U.S. Safe Web Act was brought about in December 2006; the purpose of which was claimed to protect consumers from Internet fraud. With the growing popularity and growth of the Internet, this has become an increasingly dangerous threat. The Internet is consumed with fraudulent users, spyware, and telemarketing, and this law sought to put an end to some of this fraud. It gave the Federal Trade Commission (FTC) a decent deal more authority than they had previously had before it was passed, in hopes of protecting the consumers that use the Internet on a daily basis. There are a few things that the law changed that had not previously been allowed. First, it allowed the FTC to share information with foreign law enforcements and also aid them in investigations. In addition, it allows them to gain information from public law enforcement officials that they would not have previously been allowed to receive lawfully. This act also gave them more power and tools in consumer investigations. Finally, the act seems to strengthen the United States powers with other foreign countries, and allows them to share and work together in ways that previously would not have been allowed. In conclusion, it seems as though the whole purpose of the bill was to give the government more power, and to allow them to lawfully impose in more ways than before.[43]

edit
 
Privacy is a contentious issue in current discussion

Related to the issues of computer privacy and personal privacy in general are the Do-Not-Call Implementation Act of 2003 and the CAN-SPAM Act of 2003. Both laws were created with the hopes of ensuring protection of privacy, yet whether or not these laws have accomplished this remains in question. The Do-Not-Call Implementation Act was designed to work in unison with the National Do Not Call Registry, which began in 2003 as well. This was developed to give individuals more control over the telemarketing calls that reach their households. The Do-Not-Call Implementation Act relates to the National Do Not Call Registry specifically in that it allowed for the enforcement of the registry by allowing for the Federal Trade Commission to collect fees for its maintenance.[44] U.S. Consumers can register by phone or online, and phone numbers now remain on the registry permanently because of the Do-Not-Call Improvement Act of 2007.

The CAN-SPAM Act of 2003 was designed to address the issue of unsolicited email messages (e.g. spam). According to the Bureau of Consumer Protection, the law covers all commercial messages, and it applies to not just business-to-customer messages but business-to-business messages as well.[45] The maximum penalty is $16,000 per violation, yet the effectiveness of this act remains in question because it remains largely unenforced. Critics assert that the law creates problems for state laws that would have “provided victims with practical means of redress.”[46]

Review

edit

Key Terms

edit
Hardware theft
The theft of computer hardware [47]
System failure
The complete malfunction of a computer system
Freeware
Copyrighted software that may be used free of charge [48]
Full disk encryption (FDE)
A technology that encrypts everything stored on a storage medium automatically, without any user interaction.[49]
Self-encrypting hard drive
A hard drive that uses full disk encryption (FDE) [50]
Ruggedized device
A device (such as a portable computer or mobile phone) that is designed to withstand much more physical abuse than its conventional counterpart [51]
Surge suppressor
A device that protects a computer system from damage due to electrical fluctuations [52]
Uninterruptible power supply (UPS)
A device containing a built-in battery that provides continuous power to a computer and other connected components when the electricity goes out [53]
Disaster recovery plan
A written plan that describes the steps a company will take following the occurrence of a disaster [54]
Software piracy
The unauthorized copying of a computer program
Digital counterfeiting
The use of computers or other types of digital equipment to make illegal copies of currency, checks, collectibles, and other items.[55]
Marketing database
A collection of data about people that is stored in a large database and used for marketing purposes
Opt out
To request that you be removed from marketing activities or that your information not be shared with other companies [56]
Presence technology
Technology that enables one computing device (such as a computer or mobile phone) to locate and identify the current status of another device on the same network [57]

Review Questions

edit

1. Observing or reviewing employees’ actions while they are on the job is _____.

2. _____ _____ Software can be used to record an individual’s computer usage, such as capturing images of the screen, recording the actual keystrokes used, or creating a summary of Web sites and programs accessed.

3. ______ _____ is the use of video cameras to monitor activities of individuals, such as employees or individuals in public locations, for work-related or crime-prevention purposes.

4. True or False. Electronic profiling is the act of using electronic means to collect a variety of in-depth information about an individual, such as name, address, income, and buying habits.

5. Unsolicited, bulk e-mail sent over the Internet is ____.

6. A device that protects a computer system from damage due to electrical fluctuations is ____.

7. True or False. Encryption can be used for privacy purposes, in addition to security purposes.

8. Color copying money is an example of ____.

9. True or False. Very few major U.S. companies monitor the online activities of their employees.

10. The rights of individuals and companies to control how information about them is collected and used is called __________.

Answers

1. Employee Monitoring 2. Computer Monitoring 3. Video Surveillance 4. True 5. spam 6. Surge suppressor 7. True 8. Filter 9. False 10. Information privacy

  1. http://www.consumerreports.org/cro/news/2013/06/with-1-6-million-smart-phones-stolen-last-year-efforts-under-way-to-stem-the-losses/index.htm
  2. http://www.android.com/
  3. http://www.allgov.com/usa/ca/news/top-stories/state-sues-sap-over-failed-payroll-system-in-yet-another-tech-failure-131122?news=851725
  4. http://adeona.cs.washington.edu/
  5. http://www.webopedia.com/TERM/S/surge_protector.html
  6. Security anchor/tether assemblage for portable articles: U.S. Patent 6,081,9746,317,936 and 6,360,405 (Cornelius McDaid, John Ristuccia, Kryptonite Corporation - priority date: 1999-06-21)
  7. http://www.webopedia.com/TERM/M/mobile_device_management.html
  8. http://www.air-watch.com/solutions/mobile-device-management
  9. http://www.maas360.com/products/mobile-device-management/
  10. https://www.apple.com/ipad/business/it/management.html
  11. http://en.wikipedia.org/wiki/Mobile_device_management
  12. Understanding Computers 14th Ed. by Deborah Morley & Charles Parker
  13. http://www.panasonic.com/business/toughbook/fully-rugged-laptop-toughbook-31.asp
  14. http://www.att.com/cellphones/samsung/galaxy-s-5-active.html#fbid=pGXpDqukON3
  15. http://www.pivotcase.com
  16. http://www.computerweekly.com/feature/Self-encrypting-drives-SED-the-best-kept-secret-in-hard-drive-encryption-security
  17. http://www.webopedia.com/TERM/S/software_piracy.html
  18. http://www.safenet-inc.com/software-monetization/software-protection/
  19. http://www.marketing-schools.org/types-of-marketing/database-marketing.html
  20. http://www.geek.com/mobile/automated-electronic-profiling-the-art-and-science-550246/
  21. http://www.ecommercetimes.com/story/73966.html
  22. https://epic.org/privacy/profiling/
  23. http://whatis.techtarget.com/definition/privacy-policy
  24. http://www.businessdictionary.com/definition/privacy-policy.html
  25. http://whatis.techtarget.com/definition/privacy-policy
  26. https://en.wikipedia.org/wiki/Privacy_policy
  27. http://www.techtimes.com/articles/20324/20141117/facebook-updates-privacy-policy-releases-basics-help-protect.htm
  28. https://en.wikipedia.org/wiki/Privacy_policy
  29. http://en.wikipedia.org/wiki/Spam_(electronic)
  30. http://en.wikipedia.org/wiki/Database_marketing
  31. https://www.americanexpress.com/us/small-business/openforum/articles/7-ways-to-get-rid-of-spam-forever/
  32. http://www.infosec.gov.hk/english/computer/disposal.html
  33. http://monitoring-software-review.toptenreviews.com/
  34. http://www.scu.edu/ethics/publications/iie/v9n2/brother.html
  35. http://www.huizenga.nova.edu/Jame/articles/employee-monitoring.cfm
  36. http://www.cnn.com/2013/04/26/tech/innovation/security-cameras-boston-bombings/
  37. https://www.aclu.org/technology-and-liberty/whats-wrong-public-video-surveillance
  38. http://www.cio.com/article/2375438/physical-security/5-innovations-that-make-video-surveillance-more-effective.html
  39. http://searchunifiedcommunications.techtarget.com/definition/presence-technology
  40. http://www.newmoney.gov/currency/5.htm
  41. http://ng.cengage.com/static/nb/ui/index.html?nbId=7345&nbNodeId=1013914#!&parentId=1013950
  42. http://it.ucmerced.edu/security/information-security-awareness-training/what-computer-security
  43. http://www.ftc.gov/reports/us-safe-web-act-first-three-years-federal-trade-commission-report-congress
  44. https://www.govtrack.us/congress/bills/108/hr395
  45. http://www.business.ftc.gov/documents/bus61-can-spam-act-compliance-guide-business
  46. https://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003
  47. http://wiki.answers.com/Q/What_is_hardware_theft_and_vandalism
  48. https://en.wikipedia.org/wiki/Freeware
  49. http://en.wikipedia.org/wiki/Disk_encryption
  50. http://www.computerweekly.com/feature/Self-encrypting-drives-Whats-holding-back-SED-hard-drive-encryption-security
  51. http://en.wikipedia.org/wiki/Rugged_computer
  52. http://www.thefreedictionary.com/surge+suppressor
  53. http://en.wikipedia.org/wiki/Uninterruptible_power_supply
  54. http://en.wikipedia.org/wiki/Disaster_recovery_plan
  55. http://en.wikibooks.org/wiki/The_Computer_Revolution/Digital_Counterfeiting
  56. http://en.wikipedia.org/wiki/Opt-out
  57. http://en.wikipedia.org/wiki/Telepresence