Lecturer: Mr. Michael Allotey Contact Information: - - PowerPoint PPT Presentation

School of Information and Communication Studies Department of Information Studies

Second Semester (2018-2019)

Lecturer: Mr. Michael Allotey Contact Information: mallotey@ug.edu.gh

Lecture Overview

This lecture covers safety and security issues when using Information Systems in Organizations or at home. As the use of information systems increase in organizations, the risks/threats associated with them also continue to increase. Many of these risk/threats are associated with the Internet.

Slide 2

Session Outline

The key topics to be covered in the session are as follows:

• 1. Introduction

Slide 3

Reading List

• Laudon, C.K. Laudon, J.P. (2000) Management Information Systems (11th Ed.), NJ, Prentice-Hall in

Honkong, Pearson.

• Senn, J.A. (1982) Information Systems in Management, NY Wadsworth Publishing Company.
• Stoner, J.A.F. (1999) Management, (1999) Prentice-Hall of India, New Delhi.
• Lucey Terry, (1995) Management Information Systems, DP Publishing Ltd. Aldine Place, London.
• Watson, H.J. et al (1991) Information System for Management: A Book of Reading.
• Hutchinson, S.E. & Sawyer, S.C. (2000) Computers, Communications and Information: A User’s

Introduction.

• Alter, S. (1999). Information systems: A management perspective. Reading, Mass. [u.a.: Addison

Wesley.

• O’Brien, J.A. (2009) Introduction to Information Systems, Boston, Pearson.
• Long, P. et al (2016) Cambridge International AS and A Level IT Coursebook, University Printing

House, Cambridge CB2 8BS, UK.

Slide 4

INTRODUCTION

Topic One

Slide 5

Introduction

The safety and security risks/threats related to the use of Information Systems in

• rganizations can be categorized into the

following:

• Physical Security
• E-safety
• Security of Data

Slide 6

PHYSICAL SECURITY

Topic Two

Slide 7

Introduction

The increase use of Information Systems in

• rganizations brings about some physical

dangers to employees. These categorized into:

• Health Aspects
• Safety Aspects

Slide 8

Health Aspects

Health aspects has to do with how people become ill or affected by their daily contact with information systems (CBIS). The following are some health risks:

• Back and neck problems/strain
• Repetitive strain injury (RSI)
• Eye strain
• Headaches
• Ozone irritation

Slide 9

Safety Aspects

Safety aspects has to do with the dangers that could lead to serious injury or even loss of life. Some common examples of safety risks are as follows:

• Electrocution
• Trailing wires (Can make you trip)
• Heavy equipment falling and causing injury
• Fire risk

Slide 10

E-SAFETY

Topic Three

Slide 11

E-safety

• This refers to safety when using the internet. That

is keeping personal data safe when using Information Systems.

• E-safety also refers to the benefits, risks and

responsibilities when using Information systems.

Slide 12

E-safety Issues Encountered when Using Information Systems In organizations

• Giving out personal information to people who are

unknown to you

• Sending photos of ones self- either online or via a mobile

phone

• Failing to maintain your privacy settings when using
• nline devices
• Failing to verify the security of websites before visiting

them

• Opening emails from unknown sources
• Emailing people you do not know
• Failing to be vigilant when using social network sites,

instant messaging and chat rooms.

Slide 13

Discussion Activity

Slide 14

Evaluate your own use of e-mail and social media/ networking sites. Which of the following e-safety issues do you encounter? What e-safety strategy will you use to deal with these issues?

SECURITY OF DATA

Topic Four

Slide 15

Security of Data

This refers to the security risks/ threats associated with any electronic devise that connects to a network. The following are some examples:

Slide 16

• Hacking
• Phishing
• Smishing
• Vishing
• Pharming
• Denial of service attack
• Spam
• Cookies
• Malwares

Hacking (Unauthorized Access)

• This is the act of gaining unauthorized access to a

computer system.

• This can lead to identity theft or misuse of

personal information. Data can be stolen, deleted, changed or corrupted on a user’s computer.

Slide 17

Discussion Activity

Slide 18

What is the difference between hacking and cracking?

Phishing

• This is normally carried out through electronic

communications, such as emails.

• This is when an authorized person attempts to gather

personal data, such as passwords and credit card details, by distinguishing themselves as a trustworthy person or organization.

• The email will look legitimate and will normally

encourage a person to click on a link on the email and when the link is clicked, it will take the user to a website that will ask them for their personal information.

Slide 19

Smishing

• Smishing is short for SMS phishing. It is similar

to phishing , but it is carried out using SMS text messaging rather than email.

Slide 20

Vishing

• Vishing is short for voice phishing. It is the

act of using a telephone call to try and scam a user into giving their personal data.

• The scammer will usually pretend that they

are a legitimate person or organization.

Slide 21

Pharming

• Pharming is another method of collecting

personal data.

• A hacker will install malicious code onto a

person’s computer or server. When a user types in a web address, they will be redirected to a fraudulent, but legitimate looking, replica website, without their consent.

Slide 22

Denial of Service Attack (DoS)

• A denial of service attack is designed to send more

requests to a server that it can deal with.

• They are carried out to cause disruptions to an
• rganizations network or website and often result in

users not being able to use the network and clients not being able to access the website.

Slide 23

Spam

• Spam is often referred to as Junk email.
• While spam is less of a security risk, it can cause

denial of service by clogging up the bandwidth on the internet.

Slide 24

Cookies

• Cookies are small files or code that are

stored on a user’s computer.

• Once a cookie has been read by the web

browser or users computer, the data can be retrieved and used t customize the webpage for each individual.

Slide 25

Malwares

• Malware is a computer program that is designed to

damage or disrupt a computer system and the files that are stored on it.

• Malwares can take the following forms:

Slide 26

• Viruses
• Trojan horse
• Worms
• Spyware
• Adware
• Rootkit
• Malicious bots
• Ransomware

Virus

• This is a program code or software that

can replicate itself with the intention of deleting or corrupting files on a computer.

• They often cause the computer to
• malfunction. For example by filling up the

hard disk drive.

Slide 27

Trojan Horse

• This is a malicious computer program

that disguises itself as another application, such as a game or a utility

• program. It normally acts as a computer

virus would.

Slide 28

Worms

• This is a small computer program that uses computer

networks and finds security holes to replicate itself.

• They can also exploit security holes in a piece of

software or operating system. Worms also often acts like a virus would.

Slide 29

Spyware/ Key-Logging Software

• This is a software that gathers data by

monitoring key presses on the users keyboard; the gathered data is sent back to the person who sent the software.

Slide 30

Adware

• Adware is short for advertising-supported

software.

• It is a software program that is used to

display adverts that are targeted at the user.

• It can analyze the website the user visits

and will target them with advertising of a similar nature.

Slide 31

Rootkit

• This is a computer program that enables

a person to gain administrator access to a victims computer.

• It normally gets installed when a victims

password is cracked.

Slide 32

Assignment

• Find out about Malicious bots

and Ransomwares.

Slide 33

**END**

Thank You

Slide 34