Data Security

Types of Computer Crime

Types of malware

Biometric devices

Addressing security threats

Addressing loss of data

Data transmission errors

Data Protection Act

Hacking: process of gaining unauthorised access to a computer system and stealing information

Software piracy: unauthorised and illegal duplication of copyrighted software

Immoral information: violation of law through the use of the internet by distributing malicious information

Malware distribution: development and distribution of harmful programs that can infect computers

Viruses: computer programs capable of negatively affecting performance, files and software

Worms: programs that spread and multiply from one PC to another with the aim of damaging resources

Trojan horse: a program which pretends to be a useful program, but performs a malicious process while being used

Key logger: a tool that captures the user's keystrokes and input, stores them in a text file and sends it to a third party

Phishing: a website scam used to steal valuable information such as credit card and social security numbers, user IDs and passwords

Spyware: a program that gathers user information and browsing history without the user's knowledge, usually for advertising purposes

DDoS: an attack that aims to stop a computer system operating by sending packets of data until the system overloads and terminates operation

Biometric device: a device which uses body parts to identify a user

Fingerprint scanner

Retina scanner

Facial Biometric

Voice recognition

Palm reader

Encryption: data coded in a form which can only be understood by a user

Authentication: process of identifying an individual using a username and a password

Characteristics of a strong password: confidential, memorised by the user, 6+ characters long, alphanumeric, difficult for other people to guess, non-visible, changed regularly

Authorization: process of giving individuals access to certain parts of the system based on their identity.

Firewall: software or hardware that can be installed to protect a network from malicious access

Education: training users to make use of security and password policies and report any suspicious movements

Anti-malware: software used to scan incoming and outgoing data for malware threats (repairing corrupted files, deleting malicious data, updating for new malware developments)

Back-up: making a copy of the current work

RAID (Redundant Array of Independent Disks): allows data to be stored on two or more disks at the same time

UPS (Uninterruptible Power Supply): a device used to avoid loss of data due to a power surge or power cut.

Transaction log: a backup method which allows copies of previous versions of work

Master file: stores the most recent information about a particular subject

Transaction file: stores information about a particular transaction and is used to update the master file

Archive file: a file which is kept only for historical and record purposes

Ancestral file system: allows the creation of copies of previous versions of work

Hardware measure: used to avoid transmission errors by shielding and covering the connection cable

Software measure: used to avoid and detect transmission errors using parity checking/checksum

Even parity: even number of 1s; parity bit = 0

Odd parity: odd number of 1s; parity bit = 0

Data Protection Act: protects each individual's personal data

Data controllers: regulate compliance with the Data Protection Act, especially in education, home affairs, social security, police and finance

Main articles:

Data is collected for specific and legitimate purposes only

Data is correct and up-to-date

May not be used for incorrect purposes

Data is processed fairly and lawfully

Data is always processed with good practice

Act applies equally to public and private sectors.