CHAPTER 11
Computer Issues in the Workplace
Security, Privacy, and Ethics
Types of Computer Crime
- Theft of computer time for development of software, either
for personal use or with the intention of selling it.
- Theft, destruction, or manipulation of programs or data.
- Alteration of data stored in a computer file.
Discovery and Prosecution
- Prosecuting the computer criminal is difficult because discovery
is often difficult.
- Crimes that are detected aren't always reported, because businesses
don't want the publicity.
- Prosecution is also difficult due to a lack of understanding
of the complexities of computer-related fraud.
Security
- Security is a system of safeguards designed to protect a computer
system and data from deliberate or accidental damage or access
by unauthorized persons.
Identification and Access
- There are four basic methods to control access to a system.
  - What you have - a key, badge, token or card
    to give you access.
  - What you know - a password or personal identification
    number.
  - What you do - e.g., your signature.
  - What you are - use of biometrics such
    as fingerprinting and retinal scans.
Disaster Recovery Plan
- A disaster recovery plan is a method of restoring
data processing operations if those operations are halted by major
damage or destruction.
- A disaster recovery plan should include: priorities, personnel
requirements, equipment requirements, facilities, capture and
distribution of data.
Data Security
- Secured waste - discarded printouts, printer
ribbons, etc. can be sources of information to unauthorized persons.
- Passwords - require the user to know a secret
word or numbers to gain access.
- Internal controls - controls planned as part
of the computer system such as a transaction log.
- Auditor checks - review of computer programs
and data.
- Cryptography - scrambling messages through encryption
and descrambling with decryption.
- Applicant screening.
- Separation of employee functions.
- Built-in software protection.
Viruses and Vaccines
- A virus is a set of illicit instructions that
infects other programs and may spread rapidly.
- Viruses can be dealt with using anti-virus programs
that scan memory and disks looking for known viruses and changes
to programs.
- Damage from viruses can range from nuisance messages to erasing
all files on your hard disk.
Types of Viruses
- A worm spreads by replicating itself.
- A bomb triggers damage based on certain conditions,
usually at a later date.
- A trojan horse is placed in another otherwise
legitimate program.
Network Security
- Network operating systems provide basic security, such as
password protection.
- Network systems also typically provide the ability to assign
access rights.
- A firewall is often used to control access from outside
the organization.
- Dial-back systems can be used to provide additional security.
Privacy
- Personal data from forms and other sources usually goes to
a computer file, where it may be given away, traded, sold, etc.
Privacy Legislation
- The Fair Credit Reporting Act of 1970 allows you to
have access to and challenge your credit records.
- The Freedom of Information Act of 1970 allows access
to data gathered by federal agencies about individuals.
- The Federal Privacy Act of 1974 stipulates that there
can be no secret personal files.
Copying Software
- Some software is considered to be in the public domain,
because its author offers it freely and allows it to
be freely copied.
- Shareware is also allowed to be freely copied,
but it is copyrighted and the author usually asks for a contribution
if you keep it.
- Commercial software is copyrighted and cannot
be copied without permission from the manufacturer, except for
backup purposes. Making illegal copies is called software
piracy. Some companies also allow you to keep a copy at
work and at home. Copy protection devices are now rarely
used because of the difficulties they cause legitimate users.
Site Licensing
- Site licensing permits a customer to make multiple
copies of a given piece of software.
- This involves an organization purchasing multiple licenses
at a discount.