Data Security
Types of Computer Crime
Types of malware
Biometric devices
Addressing security threats
Addressing loss of data
Data transmission errors
Data Protection Act
Hacking: process of gaining unauthorised access to a computer system and stealing information
Software piracy: unauthorised and illegal duplication of copyrighted software
Immoral information: violation of law through the use of the internet by distributing malicious information
Malware distribution: development and distribution of harmful programs that can infect computers
Viruses: computer programs capable of negatively affecting performance, files and software
Worms: programs that spread and multiply from one PC to another with the aim of damaging resources
Trojan horse: a program which pretends to be a useful program, but performs a malicious process while being used
Key logger: a tool that captures the user's keystrokes and input, stores them in a text file and sends it to a 3rd party
Phishing: a website scam used to steal valuable information such as credit card and social security numbers, user IDs and passwords
Spyware: a program that gathers user information and browsing history without the user's knowledge, usually for advertising purposes
DDoS: an attack with the aim of stopping a computer system operating by sending packets of data until the system overloads and terminates operation
A device which uses body parts to identify a user
Fingerprint scanner
Retina scanner
Facial Biometric
Voice recognition
Palm reader
Encryption: data coded in a form which can only be understood by a user
Authentication: process of identifying an individual using a username and a password
Characteristics of a strong password: confidential, memorised by the user, 6+ characters long, alphanumeric, difficult for other people to guess, non-visible, changed regularly
Authorization: process of giving individuals access to certain parts of the system based on their identity.
Firewall: software or hardware that can be installed to protect a network from malicious access
Education: training users to make use of security and password policies and report any suspicious movements
Anti-malware: software used to scan incoming and outgoing data for malware threats (repairing corrupted files, deleting malicious data, updating for new malware developments)
Back-up: making a copy of the current work
RAID (Redundant Array of Independent Disks): allows data to be stored on two or more disks at the same time
UPS (Uninterruptible Power Supply): a device used to avoid loss of data due to a power surge or power cut.
Transaction log: a backup method which allows copies of previous versions of work
Master file: stores the most recent information about a particular subject
Transaction file: stores information about a particular transaction and is used to update the master file
Archive file: a file which is kept only for historical and record purposes
Ancestral file system: allows the creation of copies of previous versions of work
Hardware measure: used to avoid transmission errors by shielding and covering the connection cable
Software measure: used to avoid and detect transmission errors using parity checking/checksum
Even parity: even number of 1s; parity bit = 0
Odd parity: odd number of 1s; parity bit = 0
Protects each individual's personal data
Data controllers: regulate compliance with the Data Protection Act, especially in education, home affairs, social security, police and finance.
Main articles:
Data is collected for specific and legitimate purposes only
Data is correct and up-to-date
May not be used for incorrect purposes
Data is processed fairly and lawfully
Data is always processed with good practice
Act applies equally to public and private sectors.