8.8. Summary

Key Takeaways

  • As computing and networking resources have become more an integral part of business, they have also become a target of criminals.
  • Cybercrime is an illegal activity that is committed with the use of a computer, or where a computer is the object of the crime
  • The CIA triangle is composed of: confidentiality, integrity and availability. It is important to consider when developing security policies or considering security tools.
  • Tools for security can be categorized as authentication, prevention or detection tools.
  •  Authentication can be accomplished by identifying someone through one or more of three factors: something they know, something they have, or something they are.
  • Passwords are something they know, tokens are something they have, and biometrics are something they are.
  • Prevention of unauthorized access, or loss can be accomplished through the use of: access controls, encryption, firewalls, antivirus programs, and backups.
  • Detection can be accomplished through the use of: intrusion detection systems and physical security.
  • A good information security policy lays out the guidelines for employee use of the information resources and recourse in the event that an employee violates a policy.
  • There is no way to ensure 100% security, but steps can be taken to be more secure.

Review Questions

  1. What are some of the risks when using technology?
  2. Why is computer crime on the rise?
  3. Why do companies not contact law enforcement when they experience a breach?
  4. What are some different types of malware?
  5. How is technology used to commit a crime?
  6. Explain the difference between phishing and spoofing and provide an example of each.
  7. What is the CIA triangle?
  8. What are some different types of security measures that can be used to prevent crime?
  9. What is role-based access control?
  10. What is the purpose of encryption?
  11. How are anti-virus programs and intrusion detection systems different?
  12. How can a user make passwords more secure?


This assignment will help you to begin navigating the complexities of user data privacy.

The business model of Facebook and Google is to collect personal information on its users, and then sell that information to advertisers in the form of targeted advertising on websites, mobile apps, and partner websites.
1. Research current issues with Facebook/google (choose one or both) in regard to user privacy. Include at least 1 article and a link/citation to the article. Briefly summarize the article (s).
2. Take the side of Facebook/Google. What ‘rights’ do they have over user data posted to their systems? When would they ultimately cross the ethical line when they handle user data?
3. Next, take the side of the user. What rights do users have over their data in Canada?

4. Finally, what do you believe should happen with user data in the near future? List at least one positive and negative outcome if your solution would be implemented.

Chapter 4 – Information Security” from Information Systems: No Boundaries! Copyright © 2021 by Shane M Schartz is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License, except where otherwise noted.


Icon for the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License

Information Systems for Business and Beyond Copyright © 2022 by Shauna Roch; James Fowler; Barbara Smith; and David Bourgeois is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License, except where otherwise noted.

Share This Book