BIT 4604

Cards (34)

  • Five V’s of Big Data:
    • Volume: All the numbers, e.g., Walmart handles over 1 million transactions per hour
    • Velocity: How fast data is being added, e.g., clickstreams, ads, machine to machine processes
    • Variety: What’s in the data, not just numbers, includes strings, dates, and different types like Google Maps directions and restaurant reviews
    • Veracity: Focuses on the quality, authenticity, and validity of the data
    • Value: Considers what an organization gains from retaining or acquiring the data
  • Algorithms are a process or a set of rules to be followed in calculations or other problem-solving operations, especially by a computer
  • Examples of algorithms include:
    • Getting a drink of water: checking if thirsty, having a water bottle, or finding a fountain outside
    • Making a recipe
    • Doing laundry by sorting it
  • Security in computing is based on the CIA triad:
    • Confidentiality: prevents sensitive information from getting into the wrong hands
    • Integrity: maintains the consistency, accuracy, and trustworthiness of data
    • Availability: ensures information is there and accessible when needed
  • Economics in computing involves the financial aspects of organizations
  • Ethics in computing focuses on ensuring actions are done ethically and morally
  • Privacy in computing relates to consumers' personal preferences
  • Data brokers monitor people on websites, measure their actions, and compile traits to sell to other companies for targeted advertising
  • Data brokers buy, aggregate, and sell data from various sources
  • Algorithms in online shopping show different prices based on user data, with popular items staying competitive and others potentially escalating in cost
  • FIPS (Fair Information Practices) principles include:
    • Collection Limitation: personal information collection should be limited, obtained lawfully and fairly, with individual consent
    • Data Quality Purpose Specification: data quality should meet specific standards
    • Security Safeguards: personal data should be protected by reasonable security measures against risks like loss or unauthorized access
    • Use Limitation: personal data should not be disclosed or used for purposes other than specified
    • Purpose Specification: the purpose for collecting personal data should be specified at the time of collection
    • Openness: there should be a policy of openness about personal data practices
    • Accountability: data controllers should be accountable for complying with data protection measures
    • Individual Participation: individuals have the right to access their data, challenge denials, and request data erasure, rectification, completion, or amendment
  • Anonymization involves removing identifying information to achieve high identity protection
  • Deanonymization is the process of looking at data sets that have been anonymized and identifying a person linked to the data
  • Threat types in data security include External and Internal threats
  • Privacy Paradox: People say they care a lot about their data but don't behave like it
  • Facebook Contagion Study:
    • Facebook used users' data and manipulated the feed of positive or negative posts
    • People tend to feel positive when their friends post positive stuff
    • Controversial study done without consent, showing how Facebook can manipulate people's emotions
  • Ransomware is a type of malware that blocks access to a user's data by encrypting it
  • The hacker is the only one with the key and demands payment for the data to be returned
  • Defenses against Ransomware:
    • Backups
    • Encryption
  • Ransomware mitigation methods include:
    • Technical Controls
    • Training (User action)
    • Managerial and organizational controls
    • Legal Mechanism
  • Technical controls in Information Technology Security include:
    • Access controls (Authentication, Authorization, Credentialing)
    • Encryption to protect data integrity
    • Anti-malware measures such as Firewalls, Intrusion Detection Systems, Intrusion Protection Systems, and Anti-virus software
  • Encryption is encoding messages in a way that only authorized parties can read them
  • Encryption converts original information, called plaintext, into a difficult-to-interpret form called ciphertext
  • Managerial tools for securing data:
    • Training
    • Minimizing access to sensitive data and systems
    • Oversight and Compliance
    • Breach Notification and Management
    • Ethical Standards for Security Professionals
  • Utilitarianism focuses on outcomes, where the "utility" of a policy is measured by its tendency to promote the "good"
  • Deontology is a category of ethical theories primarily concerned with adherence to certain rules or duties where consequences do not matter, but intention is relevant
  • In deontology, individuals act in a certain way only if they act for the right reasons
  • Virtue Ethics states that the goal of life is well-being (happiness) and the means to attain it is by acquiring a virtuous character
  • Types of laws include:
    • State laws
    • Federal laws
    • International laws
  • Federal law: COPPA (The Children's Online Privacy Protection Act) gives parents control of data or information collected or retained on their children
  • COPPA applies to children under the age of 13 and is directed toward any site or service that collects information on children
  • HIPAA stands for Health Insurance Portability and Accountability Act, enacted in 1996 and updated in 2003
  • FERPA (Family Educational Rights and Privacy Act) is a federal law (20 U.S.C. § 1232g) that protects the confidentiality of student educational records and the individual student’s right to privacy