ICT Homework- ICT Security Consultant PowerPoint.

Slides:



Advertisements
Similar presentations
Commercial Data Processing Computer Crime. Computer crime can be very hard to prevent. Typical crimes involve destroying, corrupting or changing the data.
Advertisements

Data Security and legal issues Starter :- 5 Minutes Make a list of all the companies and organisations that you believe holds data on you. Write down what.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
Legislation & ICT By Savannah Inkster. By Savannah Computer Laws 1.Data Protection ActData Protection Act 2.Computer Misuse ActComputer Misuse Act 3.Copyright,
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Hacking. Learning Objectives: At the end of this lesson you should be able to:
Security, Privacy, and Ethics Online Computer Crimes.
Hacking, Viruses and the Copyright Law. Learning Objectives  Describe what Hacking is and what Viruses are.  List what viruses can do and describe how.
By Mrs. Smith DATA INTEGRITY AND SECURITY. Accurate Complete Valid Data Integrity.
Data Protection Act.
The Data Protection Act
Data Protection Act. Lesson Objectives To understand the data protection act.
The Legal Framework Can you work out which slide each bullet point should go on?!
CENTRAL SCOTLAND POLICE Data Protection & Information Security Stuart Macfarlane Information Governance Unit Police Service of Scotland.
Administrative Practices Outcome 1
UNIT 3C Security of Information. SECURITY OF INFORMATION Firms use passwords to prevent unauthorised access to computer files. They should be made up.
Data Security GCSE ICT.
Viruses & Security Threats Unit 1 – Understanding Computer Systems JMW 2012.
General Purpose Packages
Security of Data. Key Ideas from syllabus Security of data Understand the importance of and the mechanisms for maintaining data security Understand the.
Handling information 14 Standard.
Data Confidentiality. Learning Objectives: By the end of this topic you should be able to: discuss the need to keep data confidential explain how data.
GCSE ICT Viruses, Security & Hacking. Introduction to Viruses – what is a virus? Computer virus definition - Malicious code of computer programming How.
Health & Social Care Apprenticeships & Diploma
1.1 System Performance Security Module 1 Version 5.
Elma Graham. To understand what data protection is To reflect on how data protection affects you To consider how you would safeguard the data of others.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
System Security Chapter no 16. Computer Security Computer security is concerned with taking care of hardware, Software and data The cost of creating data.
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
Physical ways of keeping your system secure. Unit 7 – Assignment 2. (Task1) By, Rachel Fiveash.
SECURITY OF INFORMATION Unit 3c. Click to return to Sum up page HOW TO PROTECT DATA AND COMPUTERS Computers can be locked in a room CCTV and alarms to.
Legal issues The Data Protection Act Legal issues What the Act covers The misuse of personal data By organizations and businesses.
Data Protection Property Management Conference. What’s it got to do with me ? As a member of a management committee responsible for Guiding property you.
Data protection This means ensuring that stored data does not get changed, removed or accessed accidentally or by unauthorised people. Data can be corrupted,
SECURITY OF DATA By: ADRIAN PERHAM. Issues of privacy; Threats to IT systems; Data integrity; Standard clerical procedures; Security measures taken to.
James McQuillen. Data protection Act 1998 The main aim of it is to protect people's fundamental rights and freedom to a particular right to privacy of.
Data Security.
Topic 5: Basic Security.
Security Policies. Threats to security and integrity  Threats to information systems include  Human error –keying errors, program errors, operator errors,
ICT and the Law Mr Conti. Did you see anything wrong with that? Most people wouldn’t want that sort of information posted in a public place. Why? Because.
Computer Laws Data Protection Act 1998 Computer Misuse Act 1990.
Protecting Data. Privacy Everyone has a right to privacy Data is held by many organisations –Employers –Shops –Banks –Insurance companies –etc.
Candidates should be able to:  describe the purpose and use of common utility programs for:  computer security (antivirus, spyware protection and firewalls)
DATA PROTECTION ACT (DPA). WHAT IS THE DATA PROTECTION ACT?  The Data Protection Act The Data Protection Act (DPA) gives individuals the right.
Computing, Ethics and The Law
GCSE ICT Data and you: The Data Protection Act. Loyalty cards Many companies use loyalty cards to encourage consumers to use their shops and services.
Business Ethics and Social Responsibility GCSE Business and Communication Systems Business and Communication Systems.
Computing and Ethics & The Law. The Law Copyright, Designs and Patents Act (1988) Computer Misuse Act (1990) Data Protection Act (1998) (8 Main Principles)
Security of, privacy of and access to personal/confidential information/data.
1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.
Safety & Security By Kieran Bolko. Laws The main law that you should be taking note of is the Data Protection Act 1998 – this law sets rules for the electronic.
PCs ENVIRONMENT and PERIPHERALS Lecture 10. Computer Threats: - Computer threats: - It means anything that has the potential to cause serious harm to.
Primary/secondary data sources Health and safety Security of Data Data Protection Act.
Data protection act. During the second half of the 20th century, businesses, organisations and the government began using computers to store information.
Technical Implementation: Security Risks
8 – Protecting Data and Security
The Data Protection Act 1998
Learning Intention Legislations impact on security of information
Data Protection GCSE ICT Mrs N Steventon-2005.
Administrative Practices Outcome 1
Data Protection Act.
The Data Protection Act 1998
Computer Security Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Malware, Phishing and Network Policies
Security of People, Property and Information
Unit 1 Effective Communication in Health and Social Care
Security of Data  
G061 - Network Security.
Unit 1.6 Systems security Lesson 1
European Computer Driving Licence Syllabus version 5.0
Presentation transcript:

ICT Homework- ICT Security Consultant PowerPoint

Laws Which Need to be Followed Personal Data… -Personal data covers both facts and opinions about a living person Facts- name, age and gender Opinions- religion, preferences and political views If you are going to store data electronically then you need to handle personal data correctly and follow the correct laws and rules. Such as the data protection act. This law explains how data should be handled if you are going to store any data.

Data Protection Act Data Protection… -formed in 1988 to protect personal data stored electronically -updated in 1998 to come in line with European laws -laws refer to data subjects e.g.- person who’s details are entered data controller e.g.- company they have signed up to -The Data Protection Act controls how your personal information is used by organisations, businesses or the government. -Everyone who is responsible for using data has to follow rules called ‘data protection principles’. -They must make sure the information is: used fairly and lawfully used for limited, specifically stated purposes used in a way that is adequate, relevant and not excessive Accurate kept for no longer than is absolutely necessary handled according to people’s data protection rights kept safe and secure not transferred outside the UK without adequate protection -There is stronger legal protection for more sensitive information, such as: ethnic background political opinions religious beliefs Health sexual health criminal records

Threats and Weak Points to ICT Infrastructure Internal and External Threats… -there are many threats to an ICT system and I will explain what they are in the next slide -Computer Crime- any act that is carried out using a computer illegal e.g.- theft of money or information -Malpractice- not as severe as computer crime but it is unprofessional behaviour e.g.- leaving workstation logged on

Weak Points within an ICT System Weak Points… -weak points are associated with hardware, software and people Data Entry -data can be fraudulently entered into the system with criminal intent (internal threat) Data stored on computer -if unauthorised users can gain access to the system they could be able to take or copy data (internal threat) Data stored offline -data stored offline e.g. - a CD or memory stick is vulnerable to theft or loss and should be kept locked Viruses, Worms and Trojan Horses -a virus is a program that is written with the sole purpose of infecting computer systems -a worm is a stand-alone executable program that exploits the facilities of the host computer to copy itself and carries out an action -a Trojan horse passes itself off as an innocent program but it is actually a virus Spyware -spyware is a type of computer program that attaches itself to a computers operating system and take up memory Networks -data being transmitted over a network is particularly vulnerable to an external threat Internet IT Personnel -data may be altered or erased to sabotage the efforts of a company Hacking -hacking is a general term used to mean attempting to gain unauthorised access to a computer system

Protecting ICT Infrastructure -Hardware Measures To prevent any of the weak points occurring there are many hardware measures, software measures and procedures. Hardware Measures… -an obvious way to protect access to data is to lock the door to any computer installation -a lock can be operated by a conventional key, a ‘swipe’ card or a code number typed into a keypad -the codes must be kept a secret so if it is in a workplace staff should not lend out swipe cards or codes -locks can also be activated by voice recognition or finger prints -additional physical security measures include computer keyboard locks, closed circuit television cameras, security staff and alarms

Protecting ICT Infrastructure -Software Measures Software Measures… -to make sure that all unauthorised users do not access a networked system, all authorised users must be able to be recognised e.g.- user identification numbers -a network access log can be kept which keeps a record of all the usernames of all of the users of the network and which workstation they used with the times they logged on/off -you can make some data have different levels of accessibility by making files either read only or no access etc. -Virus protection You can download anti virus software which can detect viruses on a computer and destroy it before it corrupts data -Spyware protection Anti spyware software packages can provide protection against the installation of spyware software and works in the same way as anti virus -Encryption Data encryption means scrambling or secretly coding data so only certain people understand it -Firewalls Used to prevent unauthorised access to a computer system -Biometrics Is the name given to techniques that convert a unique human characteristic such as a fingerprint into a digital form that can be stored on a computer

Protecting ICT Infrastructure -Procedures Procedures… -password procedures Passwords need to be kept private otherwise they have no value Should be carefully guarded and never revealed to others -virus protection procedures The risk of getting a virus can be reduced by sensible procedures such as not operating attachments -standard clerical procedures Loss of data integrity often occurs not as a result of computer malfunction or illegal access, but as a result of user mistakes To ensure that human errors don’t occur, very careful operation procedures should be laid out and enforced -write-protect mechanisms Data can be mistakenly be overwritten if the wrong disk or tape is used Care should be taken to write protect any disk or tape containing data that needs to be preserved

Real World Case Studies News stories… -David Smith, deputy commissioner at the ICO told the InfoSec security conference the NHS had highlighted 287 breaches to it in the period. -Most of the breaches (113) were the result of stolen data or hardware, followed by 82 cases of lost data or hardware. -A contractor working for the Home Office has lost a computer memory stick containing personal details about tens of thousands of criminals. -The Home Office was first told by private firm PA Consulting on Monday that the data might be missing. -The lost data includes details about 10,000 prolific offenders as well as information on all 84,000 prisoners in England and Wales.