Please enable JavaScript.
Coggle requires JavaScript to display documents.
AO5 (5.2 Operational Issues (Things a business can do or include in their…
AO5
5.2 Operational Issues
Data Loss
-
This can be avoided by not storing information on USB sticks and to look after work devices and ensure they are not left out in public places.
Data Corruption:
.
This is when data can become unreadable therefore useless. This happens when the data is being edited or transferred. You can avoid by saving data correctly and making regular backups.
-
Stolen Data
This is where data/files are intentionally stolen. This could be a result of someone leaving their laptop unattended and 3rd party copying files. This can be avoided by training employees to keep USB sticks safe.
Manipulated Data
This is where data is changed without authority. It can be avoided by having access leaves where only certain people can access.
Hacked data:
This is where data is intercepted through the hacking of a network. This can be performed by a hacker from a separate location. This can be avoided by having anti virus software and a strong firewall.
Things a business can do or include in their health and safety policy to protect employees visitors or clients:
-
-
-
-
Information, instruction and supervision
-
-
-
Change management:
Change management is a structured approach to moving an organisation from the current state to the desired future state.
5.3 Threats
Phishing
This is where individuals or organisations are tricked into handing over confidential and personal information.
Hacking
- Looking at files which they do not have access to.
- Creating, modify or delete files without permission
Virus
A piece of code which is capable of copying itself and typically has a detrimental effect e.g. corrupting the system, destroying data.
Trojan Horse
A piece of code which is introduced into the system which will have a detrimental effect on the system e.g wiping the data
Eavesdropping
SImilar to interception but this is particularly relevant to when you listen to communication traffic
-
Social Engineering
The use of centralized planning in an attempt to manage social change and regulate the future development and behaviour of a society.
Baiting
Use a false promise to pique a victim's greed or curiosity. They lure users into a trap that steals their personal information or inflicts their systems with malware.
Scarware
Malicious computer programs designed to trick a user into buying and downloading unnecessary and potentially dangerous software, such as fake antivirus protection.
Pretexting
A pretext is a false motive. Pretexting often involves a scam where the liar pretends to need information in order to confirm the identity of the person he is talking to.
5.1 Ethical Issues
Whistle Blowing
-
As an employee of a government agency it is against the law to whistle blow as a lot of the information is confidential
Discrimination
Discrimination is prejudiced treatment or consideration of, or making a distinction towards, a being based on the group, class, or category to which they are perceived to belong.
-
-
-
Staying safe online
Some employees are not experts when it comes to technology. It is important there are rules/regulations in place to help them keep safe online
5.4 Physical Security
Locks
Locks are a physical barrier of entry. They are normally placed on doors and can be locked to prevent the door from being opened unless it's unlocked with a complementary key
-
RFID
Radio-frequency identification uses electromagnetic fields to automatically identify and track tags attached to objects.
Tokens
Security token or hardware token, authentication token or cryptographic token, a physical device for computer authentication. Session token, a unique identifier of an interaction session.
-
Shredding
Confidential files should be shredded when no longer required
This ensures they don’t fall into the wrong hands. You can also shred discs and credit cards
5.5 Digital Security
Anti Virus
You can acquire this software by walking in store and purchasing a code for the software. Also you can just purchase the software online.
This software protects you against viruses which can be unexpectedly installed into your computer.
-
Anti-Spyware
This prevents spyware from entering your computer. Spyware is unwanted software that infiltrates your computing device, stealing your internet usage data and sensitive information.
-
Permissions
Read only is a permission to access files or directories where the user is only allowed to read or view, not to make changes.
Encryption
The purpose of data encryption is to protect digital data confidentiality as it is stored on computer systems and transmitted using the internet or other computer networks.
-