Data protection Flashcards
give 6 types of data
- personal
- client
- employee
- special category (minority group ect)
- financial
- intellectual property
give the 4 types of cyber threats
cyber attacks
phishing
malware
trojans
what are cyber attacks
unauthorised attemps to access / steal data
what is phishing
fraudulent attempts to access snsetive into by passive off as being trustworthy
what is malware
malicious software designed to distrupt, damage or access systems
what are trojans
malware designed as legitimate software to trick users into installing it
how does the data protection act and general data regulation (GDPR) ensure personal data is collected, stored and used responsibly
- supporting lawful processing of data
- protect individuals data
- regulate data sharing
- strengthen rights
what is the gdpr
an eu regulation that combines data protection laws across europe, it protects personal information by outlining several requirements businesses must follow to process data legally.
what is the data protection act 2018
a uk law that implements the gdpr regulations and sets guidelines on how businesses should handle personal data
give responsible data handling principles
- only collect data for specific and explicit purposes
- not keeping data for longer than needed
- accurate and up to date data
- fair, lawful, limited
- and transparent data collection
- security
what must businesses do to comply with ensure data protection
- comply with laws
- protect personal data from unauthorised access
- ensuring data is securely stored and transmitted
- clear policies and procedures
- regular reviews of data protection measures
how to reduce the risk of cyber attacks
- keep software up to date
- identify and fix vulnerabilities
- intrusion detection systems
- multifactor authorisation
how to reduce the risk of phishing
- staff training on how to recognise it
- simulating phishing attempts to raise awareness of what they may look like
- email filtering systems
- reminder banners on emails
how to protect against malware
- antivirus software installed and up to date
- education to raise awareness
- reminder banners on emails
how to protect against trojans
- system installed that detect them
- anti malware tools and security software
- dont download unverified software
what is version control
- prevents use of incorrect or outdated info to avoid errors
- ensures only the latest version of data is used
- helps track changes and maintains document history for legal purposes
- teams can see shared documents to ensure everyone has access to up to date and correct data
how does access control help protect data
- restricts data
- only access to necessary data
- keep detailed logs of who accessed what and when
how is indexing useful in data control
organised data management makes it easier to locate and revive
