DATA SECURITY

Computers and computer networks hold vast amounts of information, all of which have to be kept safe and accurate.
Data can be inaccurate for a number of reasons:
 The data may have been entered wrongly in the first place.
 Some of the information may have been altered by mistake.
 Data may not have been updated when it should have been, for, example, if a pupil moves to a new address.
 Someone may have changed the data deliberately when they were not supposed to – this is, of course, a
criminal activity.

If data is accurate then we say that it has integrity. In other words, Data integrity is the steps used to ensure that data
captured and stored is accurate, up-to-date and legitimate.

Data integrity is achieved through

 Verification – this is when the user visually compares the entered data with the original copy to ensure
they match up.
 Validation – this is when the software comparing entered data with a set of rules before data is captured.

Data can also be missing for a number of reasons:

 The computer system may have developed a software fault and some data may have been erased.
 The computer system may have been damaged, for example, by a lightning strike or heavy rain.
 Someone may have deleted data deliberately when they were not supposed to.
 Parts or all of the computer system may have been stolen.

Data security is steps or measures taken to ensure that data is protected from corruption, unauthorized access and
misused.

Data can be secured by two categories

SOFTWARE RESTRICTIONS: The use of software means to restrict access.

 PASSWORDS
 ENCRYPTION
 VIRUS PROTECTION
 FIREWALL

PASSWORDS
Password restricts unauthorized access to software by requesting for user name and secret code. A good pass word
must be long, comprises of different characters and must be changed regularly.

Encryption
Data is encrypted when it is converted into secret code making it unreadable by unauthorized users who access it.
Encrypted data is decrypted when it is converted back to ordinary text. To encrypt a file the system needs an algorithm
(a set of rules) and a key (special number). Encryption uses the algorithm and key to convert each character of the
original file into another character, and the encrypted file is saved. Spaces and punctuation marks are also encrypted.

VIRUS PROTECTION
A computer virus is malicious program that has been created in order to cause damage to files on computer systems and
prevent the system from working properly. A virus may be installed on to your computer without you being aware of it.
Viruses can be transferred to your computer when you visit a website, but are most commonly spread from one
computer to another through email. Other ways in which viruses can reach your computer are through CDs, DVDs or
USB drives, or across a network system.
The only safe way to protect a computer from viruses is to install virus protection software. Virus protection software
checks a list of viruses to identify any that are on emails or have found their way into your system.
Carry out a full scan of everything stored on your computer – this should be done regularly, and at least once a week.

FIREWALLS
Firewalls is a program that identify any weak area in a network and prevent it from been exploited and will block any
communications that come into and go out of the network that do not match its rules. The rules can be set to give the
level of protection that is needed for the network.

PHYSICAL ACCESS RESTRICTIONS: These are used to prevent unauthorized person from gaining physical
access to stored information.
 BIOMETRIC SYSTEMS
 SECURITY GUARDS
 LOCKS AND GRILLS
 FIRE/WATER PROOF CABINETS
 ARCHIVING
 BACKUP
 RECOVERY PROCEDURES

BIOMETRIC SYSTEMS
Biometric measures one or more physical attributes, such as fingerprints, face and iris patterns, in order to check your
identity in order to grant access. Smart Card: Sometimes used as swipe cards to grant access. A smart card has a chip
embedded in it, and carries a considerable amount of information about you.

GUARDS/ LOCKS & FIRE/WATER PROOF CABINETS

Many organization use security guards to patrol the buildings and deter criminals. Buildings and rooms that hold
computer systems should be locked when no-one is around. Keys can be stolen or mislaid, so sometimes electronic
locks are used instead. There are several types of electronic door entry systems. Storage media that contain important
data should be stored in a safe. A safe is not only lockable, but it can also protect the media from fire and water. Special
fireproof and waterproof safes are manufactured for this purpose.

ARCHIVING
This is the capture and store of old information away from the main computer system.
If anyone needs to read the archived information, the files can be copied back into the computer system and made
available.

RECOVERY PROCEDURES
We all know that things can go wrong with computers. Even though there are many ways of protecting data, there is
always the possibility that disaster will strike. The worst disaster could mean that all the data and all the hardware is
damaged or destroyed.

For example:
 The hardware can be destroyed by fire, flood, hurricane or lightning strike.
 Errors in the software can mean that data is not saved properly.
 Viruses can attack the system and change data.
 Someone can delete a file or change data by mistake.
 The hardware can malfunction and this can damage the data held on disks.
 Criminals can delete files, or they can steal or destroy hardware.
The data stored on computers is extremely valuable. If a large organization like a bank loses all its data it would
probably go out of business.
There are some ways of ensuring you are able to recover your data if something should go wrong.
BACK-UP PROCEDURES
A backup is copy of a file that is kept in a in a safe place in case the first is damaged.
There are two main types of backup namely:
Full back up: The computer or network can be set up so that it automatically makes a backup of everything on a regular
basis. Most organizations backup the data on their networks every night.
Incremental backup: An incremental backup copies only the files that have been changed since the last backup.
Although incremental backups will be done during the working day, they will be much quicker than full backups.

Backup files should be stored on a medium that:

 Make fast copies.
 Can be stored in a secure place away from the original
 Any storage medium, such as hard disks, CDs, USB drives or tapes can be used to make a backup.
Digital tape is a popular choice to store full backups, as data can be copied to tape very rapidly.
 Backups are very important so they should be stored in a lockable fireproof and waterproof safe.

PROPRIETY DATA AND SOFTWARE

Propriety software is software that is owned by an organization who then sells licenses to use it.
Propriety software has a proprietor, that is, an owner. The owner is usually the commercial company that holds the
copyright. When you buy propriety software you are really buying a license to use it. This usually restricts you to
installing it on your computer only and possibly making a backup copy.

Computer hardware is quite valuable so thieves will try to steal it if it is not properly protected.
There is also a risk that someone may break into a building and then use the computer system to find the data without
actually removing anything from the room.
How Information Can be Misused
Violation of Privacy
This is the collecting of information about people without their knowledge or permission.

Surveillance
The listening to conversation and watch people without them knowing. ICT provides a lot of techniques that makes
surveillance possible, such as hidden microphones and cameras. It is also possible to listen in on phone conversations,
cell phones can be used to pinpoint where people is. Surveillance is when someone watches your every move without
authorization to do so.

Electronic eavesdropping
All emails and text message that you send pass through several computer system before they reaches the recipient. It is
technically possible for all these messages to be stored and viewed. Electronic eavesdropping is when others tap and
listen in on your conversation or access and read messages that were not intended for their consumption.

Inaccurate information
This happens when someone made a mistake when they store data, someone make a mistake when they entered the
data into the computer system or someone deliberately altered the data after it was first entered. In accurate data can
have consequences that can be quite trivial or can be very serious indeed?

Propagandas
This is when false or incorrect information is communicated about someone or an organisation

Computer Crime
Industrial espionage
This is when one business spies on another business to steel their business ideas or plans for new product.

Software piracy
This when individuals make illegal copy of a copyright product or software without the permission of the copyright
holder.

Computer fraud
This is a crime in which someone deliberately deceives someone else in order to gain money, goods or some other
advantage with the use of a computer.

Credit card fraud

In e-commerce when businesses sell goods online the customer usually pay via the internet using credit card. Credit
card details have to be provided and can be accessed and used by criminal or the card if stolen can be used with fake
signature. Credit card fraud is when criminals stole your card details and withdraw money with your permission.

Identity theft
This is when criminals gather as much information as possible about a real person and reuse these information
pretending to be this person.