ITM 100 Lecture Notes - Lecture 10: Information System, Sql Injection, Rogue Security Software

Information systems are mission critical for many organizations. Without proper security measures, these systems would be next to impossible to use and take advantage of. Security: policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage. It/ts security measures are a special case of organizational controls. Controls: methods, policies, and organizational procedures that ensure safety of organization"s assets; accuracy and reliability of its accounting records, can"t access ryerson"s physical servers. Failed computer systems can lead to significant or total loss of business function. Firms now are more vulnerable than ever: confidential personal and financial data, trade secrets, new products. Hardware problems: breakdowns, config errors, damage. Software problems: programming errors, installation errors, unauthorized changes. Use of networks/computers outside of firm"s control. Size of internet means abuses can have wide impact. Use of fixed internet address with cable/dsl modems creates fixed targets for hackers. Email, p2p, im: interception, attachments with malicious software.