Topic 5: Keeping data safe and secure Flashcards
What is archiving?
Backups are taken in case the original files are lost or become damaged. Archives are those files that are no longer needed in the short term but need to be kept for future reference. Rather than clog the computer up with lots of files (which will make it slower), it is better to save those files you want to archive onto removable media such as a CD or DVD and store these in a safe place.
What are backups?
ICT systems store huge amounts of data and this must be protected against lost. Backups are copies of the original data and programs that are kept for security purposes in case the original data or programs are damaged, destroyed or lost, backup copies of the data must be kept and procedures must be put in place ensure that data can be easily recovered from the backups.
Backup procedures are needed to:
How are archive and backup copies kept safe?
Using removable media, placing them in a fireproof safe, keeping them away from the computer because the thief may still the backup copies as well as the computer or removing them off-site, this is in case there is a fire or the building is destroyed.
How could you protect data from accidental destruction?
How could you protect data from deliberate damage?
What are user ID’s/username?
User IDs or username are a series of characters that is used to identify certain user to the network. The person who looks after the network will use this to allocate space on the network for the user. It is also used by the network to give the user access to certain files. The Network Manager could also keep track of what files each user is accessing for security reasons.
What are passwords?
A password is a string of characters (letters, numbers and punctuation marks) that the user selects. Only the user knows what the password is. When a user enters the password, it will not be shown on the screen. Only on entry of the correct password will the user be allowed to access the network.
What is encryption?
If a computer or network is connected to the Internet then it could be hacked into. Hackers could simply intercept and read email they could alter data or collect personal details and credit card numbers to commit fraud. Encryption is used to protect it from prying eyes by scrabbling data as it
travels over the Internet. Encryption is also used when saving personal data onto laptops removable storage devices. If any of these get stolen or lost then the data cannot be read.
Encryption should be used for:
How would you restrict physical access?
You can restrict a person from entering the building or room containing computers using keypads, magnetic strip card systems, electronic cards and biometric scanning systems. Biometric scanning systems can be used rather than usernames and passwords to allow access. Retina scanning uses the unique pattern of the back of the eye to recognise a person and a fingerprint scanner uses the unique pattern on a persons finger to identify them.
How would you restrict access to data?
Keeping people out of rooms containing computers will not always protect the data. Data can be accessed illegally by people who have legal access to the computer and only some of the data. Data can be accessed illegally by hackers who use the Internet access the data.
What is the hierarchy of passwords?
Access to certain files can be controlled at certain levels using a series of passwords. The higher up in the organisation a person is, the more files they gain access to and do things with. For example, a school secretary may access the files about teachers names and addresses so that letters can be sent to them but they may not be allowed to alter the data. A head teacher would be allowed access the files containing information about teachers salaries for budgeting purposes the other staff are not be allowed access this information.
What are access rights?
Access rights are given to staff by the Network Manager. These rights allow certain staff to access certain files. For example, a member of staff who deals with customer orders can have access to those files such as the customer file needed to perform their job. This member of staff mat not be given access rights to the personal payroll files. In addition to this, access rights tell you what you can and can’t do with the data in the files you have access to.
For example:
Read only access, you can only look at the data and alter it.
Read/write, you can view and alter data.
Create, you can create new records.
Delete, you can delete records.
What is monitoring?
Network software monitors the network for unusual activity. For example, if a user were trying to enter using lots of different passwords they will be locked out the network. Networks monitor unusual activity in accounts. For example, if a large credit card transaction were to take place on your account to pay for goods abroad, they may suspend the transaction until they have spoken to you.
What are transaction logs?
When transactions (bits of business) are performed on the computer, there may not be any paperwork to go with the system. So that the system can be audited (i.e. checked), the software will have a function built in that provides an audit trail. The audit trail provides evidence of what has happened in the system. For example, if the record has been deleted, they'll provide evidence of the record before the deletion along with the date and time and the name of the member of stuff who performed the deletion and even the reason the record was deleted. Transaction logs are a deterrent to people who might be thinking of committing a computer fraud as they will know they are likely to be found out. It also provides evidence for the police to prosecute computer fraudsters.
What are viruses and what threats do they hold?
Viruses pose a major threat to ICT systems. A virus is a program that replicates (i.e. copies) itself automatically and usually carries with it some payload that may cause damage. Once a computer or media has a virus copied onto it, it is said to be infected. Most viruses are designed to do something apart from copying themselves.
For example, they can:
