
Security of Data

Key Ideas from syllabus

Security of data
- Understand the importance of and the mechanisms for maintaining data security.
- Understand simple processes that protect the integrity of data against malicious or accidental alteration; standard clerical procedures, passwords, levels of permitted access, write protect mechanisms, backup procedures, restoration and recovery procedures.

Backup systems
- Understand the need for regular and systematic backup and recovery procedures.

Part One: Security of Data

The two threats to data security
- Privacy of data
- Integrity of data - the correctness of data.

Threats from whom?
- Employers - personal records
- Shops - account history etc.
- Banks - salary details
- Insurance companies - health record

How can data be corrupted?
- Errors in input - human error
- Errors in operating procedures, e.g. run an update program twice in error.
- Program errors.

So simple measures are needed to protect data from theft and destruction (integrity)

Protecting data integrity: Standard clerical procedures

Input
- Data entry limited to authorised personnel.
- Large volumes of data keyed twice to guard against keying errors.
- Total entries checked to verify completeness and guard against illegal entry.

Output
- All output checked for inconsistencies.
- Shred sensitive information after use.

Protecting data integrity: Write-protecting disks

Protecting data integrity: User IDs and passwords

A sure-fire way of protecting data is to issue passwords in order that staff in an organisation can gain access to data. Passwords are set according to these common rules:
- Passwords must be at least six characters.
- Passwords suppressed (starred out) on-screen.
- Files containing passwords must be encrypted.
- Users must keep them confidential, not write them down, keep them hard to guess and change them every 3 months.

Protecting data integrity: Access rights

Three types of access rights to files/data:
- Read only
- Read/Write
- No access

Administrators can set up an “access directory” that can specify access rights, workstations, times etc.
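A sketch of how an access directory lookup could decide a request, added here as an illustration and not part of the original slides. The user names, file name, workstation names and permitted hours are constructed; any request that is not explicitly granted is refused.

```python
from datetime import time

# Constructed access directory: (user, file) -> rights plus limits.
# Rights use the three types from the slide; a missing entry also means no access.
ACCESS_DIRECTORY = {
    ("asmith", "payroll.dat"): {
        "rights": "read/write",
        "workstations": {"WS-ACCOUNTS-01"},
        "hours": (time(8, 0), time(18, 0)),
    },
    ("bjones", "payroll.dat"): {
        "rights": "read only",
        "workstations": {"WS-ACCOUNTS-01", "WS-ACCOUNTS-02"},
        "hours": (time(8, 0), time(18, 0)),
    },
    ("temp01", "payroll.dat"): {
        "rights": "no access",
        "workstations": set(),
        "hours": (time(0, 0), time(0, 0)),
    },
}

# Which operations each type of right permits.
ALLOWED_OPS = {
    "read only": {"read"},
    "read/write": {"read", "write"},
    "no access": set(),
}


def check_access(user, filename, op, workstation, at):
    """Return (allowed, reason) for one request at time-of-day `at`."""
    entry = ACCESS_DIRECTORY.get((user, filename))
    if entry is None:
        return False, "no directory entry"
    if op not in ALLOWED_OPS.get(entry["rights"], set()):
        return False, f"{entry['rights']} does not permit {op}"
    if workstation not in entry["workstations"]:
        return False, "workstation not permitted"
    start, end = entry["hours"]
    if not (start <= at <= end):
        return False, "outside permitted hours"
    return True, "granted"


if __name__ == "__main__":
    print(check_access("asmith", "payroll.dat", "write", "WS-ACCOUNTS-01", time(9, 30)))
    print(check_access("bjones", "payroll.dat", "write", "WS-ACCOUNTS-01", time(9, 30)))
    print(check_access("asmith", "payroll.dat", "read", "WS-ACCOUNTS-01", time(22, 0)))
```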

Protecting data integrity: How do you protect against fraud or malicious damage to data?
- Careful vetting procedures for employees
- If someone is sacked, immediately revoke all access
- Separation of duties - prevent people having fingers in many pies
- Physical prevention - lock people out, ID badges etc.
- Passwords
- Staff education - vigilance against unauthorised users
- Security manager to check up on access to network, can monitor all workstations, log ins, access to files etc.

Protecting data integrity: Protection against viruses
- Anti-virus software
- Don’t allow floppy disks
- Software purchased is sealed, i.e. clear evidence it has not been tampered with.

Protecting data integrity: Biometric security measures
- Fingerprint recognition
- Iris recognition
- Voice recognition

Protecting data integrity: Communications security

Remote databases can be hacked into via the telecommunication network. One way illegal access is prevented is by using a “call back” mechanism so that when a remote user logs on the computer automatically calls them back at a prearranged telephone number.

Part 2 - Data security: Planning for disasters!

What are the threats to Information Systems?
- Terrorism
- Fire
- Flood
- Theft
- Sabotage

Backup strategies
- Full backup
- Periodic backup
- Incremental backup

Spot the backup strategy
- All updates to a file since the last backup will be lost.
- Time consuming, especially if large files being backed up.
- Copy all files at regular intervals.

Spot the backup strategy
- Back up all software and files.
- All contents of the computer's hard disk (software and files) are copied each day.

Spot the backup strategy
- Back up only those files which have changed since the last backup.
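How a full backup and an incremental backup differ in what they copy and in what a restore needs, as an added example that is not part of the original slides. The disk is modelled as a constructed in-memory dictionary of file names and contents, and changes are detected by comparing SHA-256 digests, which is an assumption of this sketch.

```python
import hashlib


def _digests(files):
    return {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}


def full_backup(files, last_seen):
    """Copy every file, changed or not (slow for large disks)."""
    last_seen.clear()
    last_seen.update(_digests(files))
    return {"kind": "full", "files": dict(files), "deleted": set()}


def incremental_backup(files, last_seen):
    """Copy only files whose content changed since the previous backup."""
    now = _digests(files)
    changed = {n: files[n] for n in files if last_seen.get(n) != now[n]}
    deleted = set(last_seen) - set(files)
    last_seen.clear()
    last_seen.update(now)
    return {"kind": "incremental", "files": changed, "deleted": deleted}


def restore(chain):
    """Rebuild the disk from a full backup plus every later incremental, in order."""
    if not chain or chain[0]["kind"] != "full":
        raise ValueError("restore needs a full backup at the start of the chain")
    disk = {}
    for backup in chain:
        disk.update(backup["files"])
        for name in backup["deleted"]:
            disk.pop(name, None)
    return disk


def demo():
    # Constructed sample data standing in for the files on a hard disk.
    disk = {"customers.db": b"v1", "orders.db": b"v1", "letter.doc": b"draft"}
    seen = {}
    monday = full_backup(disk, seen)
    disk["orders.db"] = b"v2"            # Tuesday: one file edited
    tuesday = incremental_backup(disk, seen)
    disk["customers.db"] = b"v2"         # Wednesday: one edit, one deletion
    del disk["letter.doc"]
    wednesday = incremental_backup(disk, seen)
    return disk, monday, tuesday, wednesday
```

Restoring with one incremental missing from the chain gives a disk that silently differs from the live one, so every incremental since the last full backup has to be kept.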

Backup hardware
- For small quantities of data removable disks are simplest.
- Larger backups use magnetic tape.
- Rewriteable CD
- RAID (Redundant Array of Inexpensive Disks) - mainly used for backing up on-line databases.

Backing up on-line databases:
- RAID - data written simultaneously on separate disks (normally three). If one fails, the other two will have the data.
- Transaction logging - each record has a before and after image saved so if a record is destroyed the omission can be traced.
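Transaction logging with before and after images, as an added example that is not part of the original slides. It shows the log being used both to rebuild the database from the last backup and to trace a destroyed record; the account numbers and balances are constructed, and `None` stands for "record does not exist".

```python
def apply_update(db, log, key, new_value):
    """Change one record and log its before and after images."""
    log.append({"seq": len(log) + 1, "key": key,
                "before": db.get(key), "after": new_value})
    if new_value is None:
        db.pop(key, None)
    else:
        db[key] = new_value


def roll_forward(backup, log):
    """Rebuild the live database from the last backup plus the log.

    Each entry's before image must match the record as rebuilt so far;
    a mismatch means the backup or the log is incomplete or was altered.
    """
    db = dict(backup)
    for entry in log:
        if db.get(entry["key"]) != entry["before"]:
            raise ValueError(f"log entry {entry['seq']}: before image mismatch")
        if entry["after"] is None:
            db.pop(entry["key"], None)
        else:
            db[entry["key"]] = entry["after"]
    return db


def trace_record(log, key):
    """History of one record, e.g. to find when it was destroyed."""
    return [(e["seq"], e["before"], e["after"]) for e in log if e["key"] == key]


def demo():
    # Constructed sample records taken from the last backup.
    backup = {"ACC-1001": 250, "ACC-1002": 90}
    db, log = dict(backup), []
    apply_update(db, log, "ACC-1001", 300)
    apply_update(db, log, "ACC-1003", 40)     # new record
    apply_update(db, log, "ACC-1002", None)   # record destroyed
    apply_update(db, log, "ACC-1001", 275)
    return backup, db, log


if __name__ == "__main__":
    backup, db, log = demo()
    print(roll_forward(backup, log) == db)
    print(trace_record(log, "ACC-1002"))
```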