Page 420 - Using MIS

P. 420

MyMISLab ™

Improve Your “Actually, I do. Michele has explained to me the basics of your security program,
Grade! and she said that, given the fact that your systems were originally designed to store
Over 10 million students medical data, you have designed security deep into your systems.” Sam sounds like
improved their results using he’s reading from notes.
the Pearson MyLabs. “Correct.” James nods at Michele as he says this.
Visit mymislab.com for “I wonder if you could explain that to me with some specifics.”
simulations, tutorials, and “Sure, but first, may I ask if you have a technical background?” James isn’t sure
end-of-chapter problems. how much detail to provide him.
“I’m not a developer, not by a long shot, but I was closely involved as a systems
analyst in the development of many of our systems.” Sam’s actually quite a bit more
technical than he reveals.
“Great. Let me dive in then, and if the dive is too deep, just let me know.” There’s
not the least bit of condescension in James’s voice as he speaks.
“Will do.”
“Each user is in charge of the distribution of his or her
data. Initially, users’ data is not shared at all. But we provide
a simple-to-use UI that allows users to change their security
settings.”
“OK. Michele told me that. But how do you implement
that security?” Sam wants to dive deeper.
“But how do “Because we have thousands and thousands of users,
you implement we store all privacy settings in a database and we have
that security?” elaborate security on that database that I can go into later,
if you want.” James wants to focus on specific PRIDE
features.
“Maybe. Just keep explaining.”
“It turns out that event participants have a many-to-
Source: Bizoo_n/iStock/Thinkstock/Getty Images
many relationship with all of our major players. Thus, for
example, a participant may belong to several health clubs,
and of course a health club has a relationship to many of our participants. Similarly,
a participant has a relationship to potentially many insurance companies, and each
company can have a relationship to many of our participants. Are you with me?”
“Yes, keep going.” Sam sounds curious.
“So, as you know, to represent a many-to-many relationship we create an
intersection or bridge table. And we store the security preferences for each person in
his or her relationship to the external agent in that intersection table.”

Study QueStIonS

Q1 What is the goal of information systems security?
Q2 How big is the computer security problem?

Q3 How should you respond to security threats?
Q4 How should organizations respond to security threats?
Q5 How can technical safeguards protect against security threats?
Q6 How can data safeguards protect against security threats?

Q7 How can human safeguards protect against security threats?
Q8 How should organizations respond to security incidents?
Q9 2025?
388

415 416 417 418 419 420 421 422 423 424 425