6.4 - 6.6 - Protection measures, physical and logical protection Flashcards
Placing computers above known flood levels
For example, on the top floors of buildings.
Access rights to information
Which staff can access which files
Policy
A set of ideas or a plan of what to do in particular situations that has been agreed to officially by a group of people.
Responsibilities of staff for security of information
Individual staff maintain security for the data in their area, which allows for more focused security.
Disaster recovery
A documented procedure that should be followed to recover and protect the IT infrastructure in an organisation.
Information security risk assessment
Used to identify, estimate and prioritise risks to organisations resulting from the operation and use of information systems.
Evaluation of effectiveness of protection measures
Process of reviewing the measures in place to ensure they are fit for purpose.
Training of staff to handle information
For example, not divulging information to unauthorised people, logging out of systems when not in use, preventing unauthorised people from seeing the computer screen.
Biometrics
The identification of a user based on a physical characteristic, such as a fingerprint, iris, face or voice.
Firewall
A form of network security that monitors traffic into and out of a network.
Locks, keypads and biometrics
Access to doors, workstations and server rooms can be physically stopped by locking screens via the keypad or putting padlocks on machines.
Physical protection
Refers to the protection of locations and equipment from theft, vandalism, natural disasters, man-made catastrophes and accidental damage.
Back up systems in other locations
Storing back ups in alternative areas to where the information is normally used - different sites, cloud storage.
Security staff
Monitor buildings and prevent unauthorised access.
Shredding paper based records
Shredded records are almost impossible to rebuild, so the information that was stored on them can no longer be used.
Logical protection
Uses digital/software-based methods to protect data.
Tiered levels of access to data
The process of making certain information only accessible to certain staff.
Anti-malware applications
Any software that protects a computer from malware, e.g. anti-virus, spyware, pop up blockers.
Obfuscation
Purposely making something unintelligible so that it can’t be understood.
Data at rest
Data that is being stored on digital media while it is not being transferred between devices.
Data in transit
Data that is moving from one location to another, e.g. across the internet or a network.
Encryption
Converting data from a readable format to an encoded version.
Decryption
A process that reverses encryption, taking a secret message and reproducing the original plain text.