Security Strategy. You will need to be able to explain: Data Security; Data Integrity and Data Privacy; Risks; Hacking; Denial of Service (DOS).

Presentation transcript:

Security Strategy

You will need to be able to explain:
- Data Security
- Data Integrity
- Data Privacy
- Risks
- Hacking
- Denial of Service (DOS)
- Policies & Procedures
- Password Guidelines
- Virus Protection
- Prevention
- Detection
- Repair
- Firewall
- Encryption
- Access Rights

Security Strategy: Data Security
- Physical loss – fire or flood.
- Electronic problems – faulty hardware or magnetic influences.
- Theft – by a competitor.
- Malicious access, deletion or virus attack.

Security Strategy: Data Integrity
- Is the data correct?
- When it is entered, double entry can be used.
- Call centres ask customers to spell names, and details are read back.
- Transmission errors can cause data errors.
- Viruses, hardware breakdown or computer crime can cause problems.

Security Strategy: Data Privacy
- This is personal or sensitive data.
- Is the data safe from unauthorised people?
- In school we have passwords and user logons so that no one else can access your files.
- People within school have different levels of access; this means data can be kept more secure. E.g. Guidance have access to personal information but teachers do not.

Security Strategy: Summary
- The network manager keeps the data secure (fire, flood, electronic outages).
- Integrity is how correct data is when it is first entered.
- Privacy is not letting other users into your personal or sensitive data.

Security Strategy: The Risks
Virus – malicious code.
- Designed to spread to other computers automatically.
- Transmitted via an attachment, a download or some other route.
- Can lie dormant for some time and can be very harmful.

Security Strategy: The Risks
Hacking – breaking into a computer system from outside the network.
- Breaking in is an offence, but not as bad as maliciously altering or stealing information.

Security Strategy: The Risks
Denial of Service Attack (DOS Attack) – flooding a server with surprisingly large numbers of requests for information.
- The server is overloaded and ends up crashing.

Security Strategy: Policies and Procedures
- Code of Conduct – a set of rules that users must follow.
- Employees have to sign a code of conduct.
- Usually common sense, and for the employee's protection, to stop them breaking the law.
- The British Computer Society has a Code of Ethics which includes professional conduct, professional integrity, public interest, fidelity (trustworthiness) and technical competence.

Security Strategy: Password Guidelines
A strong password is one that no one else can guess and would be made up entirely of random numbers and letters (lowercase and uppercase). Users tend to choose poor passwords. The rules are:
- Minimum of 8 characters
- Letters and numbers and symbols
- No words
- Not the same as a previous password
- Cannot be easily guessed
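The rules on this slide can be checked mechanically when a user picks a new password. The following is an added example, not part of the original presentation; the word list, the sample passwords and the function names are constructed for illustration, and "cannot be easily guessed" is only approximated by the word check.

```python
import hashlib
import string

# Constructed sample word list; a real check would load a full dictionary file.
COMMON_WORDS = {"password", "letmein", "football", "dragon", "welcome"}


def digest(password):
    # SHA-256 is used here only to compare against the password history in
    # this demo; a real system stores salted, deliberately slow hashes.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def check_password(password, previous_digests=()):
    """Return the list of slide rules that the candidate password breaks."""
    problems = []
    if len(password) < 8:
        problems.append("fewer than 8 characters")
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbols")
    lowered = password.lower()
    if any(word in lowered for word in COMMON_WORDS):
        problems.append("contains a dictionary word")
    if digest(password) in previous_digests:
        problems.append("same as a previous password")
    return problems


if __name__ == "__main__":
    history = {digest("k7#Qz!p2Wv")}  # constructed password history
    for candidate in ("letmein", "Football#10", "k7#Qz!p2Wv", "r4&Tb!m9Lx"):
        broken = check_password(candidate, history)
        print(candidate, "->", broken or "meets the rules")
```
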

Security Strategy: Virus Protection
Computer systems are susceptible to viruses and must be protected by:
- Not allowing floppy disks.
- Not opening suspicious e-mails, and using filtering software to intercept the virus.
- Installing anti-virus software that can prevent, detect or repair the infected file. Stops key loggers.

Security Strategy: Firewall
A firewall was originally constructed to stop fire spreading throughout a house. It could be constructed between the house and the garage. This metaphor has been borrowed by the computing industry to name the software/hardware that acts as a barrier between computers on a network. Without it, intruders could destroy, tamper with or gain access to the files on your computer.
Note: it is anti-virus software that stops viruses!

Security Strategy: Firewall
A firewall can be hardware or software that has filters to constantly monitor for unauthorised access to a network. It is placed between a file server and the internet connection. It also:
- Checks and filters external messages.
- Blocks access to certain workstations/servers from an external computer.
- Only grants access to authorised users.

Security Strategy: Encryption
Encryption techniques are used to pass sensitive data across the internet. The most obvious place you will see this is if you use your credit card to buy goods on the internet. If the packets of data are intercepted, they cannot be read because they have been scrambled using 32 bit or 64 bit encryption. The message can only be read by the person receiving it, who holds the correct key to decipher it.

Security Strategy: Encryption
In an exam you may be asked to explain how encryption works. This is public and private key encryption.
1. Bob encrypts the message with Alice’s public key.
2. The encrypted message is sent and cannot be read by unauthorised users.
3. Alice decrypts the message with her private key; no one else knows what this key is.
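The three steps above can be followed with real numbers using textbook RSA. This is an added example, not part of the original presentation: the primes are toy-sized so the arithmetic is visible (real keys are thousands of bits long and use padding from a vetted library), and "Eve", the message and the function names are constructed for illustration.

```python
from math import gcd


def make_keypair(p, q, e=17):
    """Build a textbook RSA key pair from two primes (toy sizes, demo only)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)(q-1)")
    d = pow(e, -1, phi)        # private exponent: inverse of e modulo phi
    return (n, e), (n, d)      # (public key, private key)


def encrypt(message, public_key):
    n, e = public_key
    # One number per byte, so every value stays below n.
    return [pow(byte, e, n) for byte in message.encode("utf-8")]


def decrypt(ciphertext, private_key):
    n, d = private_key
    values = [pow(c, d, n) for c in ciphertext]
    if any(v > 255 for v in values):
        return None            # not valid bytes: the wrong key was used
    return bytes(values)


def demo():
    alice_public, alice_private = make_keypair(61, 53)
    _, eve_private = make_keypair(47, 59)            # an unauthorised user's own key
    message = "A: card ending 4821"                  # constructed sample message
    ciphertext = encrypt(message, alice_public)      # step 1: Bob uses Alice's public key
    intercepted = decrypt(ciphertext, eve_private)   # step 2: interception gives nothing readable
    received = decrypt(ciphertext, alice_private)    # step 3: only Alice's private key works
    return ciphertext, intercepted, received


if __name__ == "__main__":
    ciphertext, intercepted, received = demo()
    print("sent on the wire:", ciphertext[:4], "...")
    print("Eve reads:", intercepted)
    print("Alice reads:", received.decode("utf-8"))
```
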

Security Strategy: Access Rights
Access rights are:
- Read
- Write
- Create
- Erase
- Modify
These rights can be granted or revoked by the owner of the files or by the administrator. If a file is read only, you cannot write, erase or modify it in any way. You would normally give these access rights in groupings, e.g. read, write, create, modify.
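A small model of the rules on this slide: five rights, granted in groupings, changeable only by the file's owner or an administrator, with everything else denied by default. This is an added example, not part of the original presentation; the class, the file name and the user names are constructed for illustration.

```python
RIGHTS = frozenset({"read", "write", "create", "erase", "modify"})
READ_ONLY = frozenset({"read"})
EDITOR = frozenset({"read", "write", "create", "modify"})  # grouping named on the slide


class SharedFile:
    def __init__(self, name, owner, administrators=()):
        self.name = name
        self.owner = owner
        self.administrators = set(administrators)
        self.acl = {owner: set(RIGHTS)}      # user -> rights held on this file

    def _require_manager(self, actor):
        # Only the owner or an administrator may grant or revoke rights.
        if actor != self.owner and actor not in self.administrators:
            raise PermissionError(f"{actor} may not change rights on {self.name}")

    def grant(self, actor, user, rights):
        self._require_manager(actor)
        unknown = set(rights) - RIGHTS
        if unknown:
            raise ValueError(f"unknown rights: {sorted(unknown)}")
        self.acl.setdefault(user, set()).update(rights)

    def revoke(self, actor, user, rights):
        self._require_manager(actor)
        self.acl.get(user, set()).difference_update(rights)

    def allowed(self, user, right):
        # Default deny: a user with no entry has no rights at all.
        return right in self.acl.get(user, set())


if __name__ == "__main__":
    f = SharedFile("guidance_notes.doc", owner="guidance", administrators={"netmanager"})
    f.grant("guidance", "teacher", READ_ONLY)
    f.grant("netmanager", "deputy", EDITOR)
    print("teacher read:", f.allowed("teacher", "read"))      # read-only user can read
    print("teacher modify:", f.allowed("teacher", "modify"))  # but cannot modify
    print("pupil read:", f.allowed("pupil", "read"))          # no entry, so denied
    f.revoke("netmanager", "deputy", {"write"})
    print("deputy write after revoke:", f.allowed("deputy", "write"))
```
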

Security Strategy: Access Rights
Access rights can be specifically set for the following:
- Whether you have administrator rights
- The amount of disk space allocated
- Printers (printer credits)
- Internet
- Folders
- Applications

Security Strategy: You have learned about
- Data Security
- Data Integrity
- Data Privacy
- Risks
- Hacking
- Denial of Service (DOS)
- Policies & Procedures
- Password Guidelines
- Virus Protection
- Prevention
- Detection
- Repair
- Firewall
- Encryption
- Access Rights

Question 2008 Q17
Lachlan is preparing for an interview for the job of network security manager at First Place Ltd. The company has 4 warehouses supplying 40 branches throughout the country. A stock control system is used to manage daily supplies to each branch. As part of the interview he will be asked about a security strategy for the company’s organisational information system.
(a) State five areas concerning security strategies that Lachlan should be prepared to discuss in his interview. (5)

Question 2009 Section 2
Q17. Setting up a username and password is one task involved in the creation of a network account. State three other settings associated with a network account.
Q18. A company holds confidential personal data about its customers.
(a) Explain the difference between security and privacy as applied to data held in a computerised information system. (2)
(b)(i) Evaluate the suitability of these passwords: scotlandtom100695Hs%2 (3)
(b)(ii) Apart from passwords, describe two data security measures that should be introduced as part of the security strategy. (4)