Please enable JavaScript.
Coggle requires JavaScript to display documents.
Unit 9 - Security and Data Management - Coggle Diagram
Unit 9 - Security and Data Management
Network Security
Risks to data become greater as it is shared across a network.
Unauthorised access to a network can allow the hacker to see all of the stored data.
To secure a network requires appropriate level of access (restricting people to the data/software they need to do their jobs), secure passwords and encryption (coding the contents of emails, etc.).
User access levels
It is not sensible for every network user to have access to all the data on a computer system.
User access levels define which users can change and view, view but not change, or not view stored data.
It will also specify what software they can or can’t access.
For example, in a program used within a company, an administrator, possibly the owner, will have read and write access to all data on the system. An assistant, however, will not have access to confidential data such as employees’ salaries.
Suitable passwords
Passwords add an additional layer of security when accessing a computer system.
Strong passwords may require the user to use a combination of upper and lower case letters, numbers and symbols such as @ ! ~ - / \ %.
Other users can guess short simple passwords, or a hacker may have access to programs that brute force attack - trying multiple guesses in quick succession until the correct password is found.
Strong password will be much harder to guess and will take longer to brute force
Encryption Techniques
Encryption is the conversion of data, using an algorithm, into a form called cyphertext that cannot be easily understood by people without the decryption key.
Compression and Compression Types
Compression is the process of making file smaller so it takes less disk/memory space.
This allows more data to be stored on the disk
Files may also be transferred more quickly.
There are two primary methods that are used to compress files stored on a computer system; these are lossy and lossless.
Lossy
Lossy compression reduces the file size by discarding data.
The technique aims to reduce the amount of data that needs to be stored.
Lossy compression is used to compress multimedia data, such as sound and video, especially in applications that stream media over the Internet.
Compression ratio is calculated using the simple formula: Compression Ratio = Original File Size / Compressed File Size
Depending on how much data is discarded, the quality of the images deteriorates accordingly
1 more item...
Lossless
Lossless compression uses an algorithm to compresses data into a form that may be decompressed without any loss of data, returning the file to its exact original form.
It is preferred to lossy compression when the loss of any detail, for example in a computer program or a word-processed document, could have a detrimental effect.
A simple lossless compression on a word-processed document replaces common strings, such as ‘the’, with a token such as the symbol
,
making a 2 byte saving every time the word ‘the’ occurs.
Disaster Recovery
A disaster recovery policy outlines all the processes that must be carried out in the event of a disaster, such as data loss or a manmade error, to ensure that the business is able to perform normally within a short amount of time. Disasters include:
fire, flood, lightning, terrorist attacks etc.
hardware failure, e.g. power supply unit failing
software failure, e.g. virus damage
accidental and malicious damage, e.g. hacking
There are usually three parts to a disaster recovery policy:
before the disaster: risk analysis, preventative measures and staff training
during the disaster: staff response – implement contingency plans
after the disaster: recovery measures, purchasing replacement hardware, reinstalling software, restoring data from backups
Archiving
Data held on computer systems is often archived.
Archiving is the process of storing data that is no longer in current or frequent use. It is held for security, legal or historical reasons.
The process of archiving data frees up resources on the main computer system and allows faster access to data that is in use.
Backups
A backup is a copy of data that can be used if the original data is lost.
Backups of all data should be made regularly, as the older the backed-up data becomes, the less likely it is to match any current data stored on a computer system.
A backup policy sets out - what, where, when and how often backups are made.
A typical backup policy is called the grandfather-father-son method. The oldest backup copy would be named the grandfather, the second oldest backup being named the father and the most recent backup being called the son. When a new backup is made, the oldest backup, the grandfather is overwritten and becomes the son backup, with the original son becoming the father and the father becoming the grandfather. These backups should be stored off-site.
Network Polices
Network policies are documents outlining the rules that users are required to follow while using a computer network. Following its publication, network users will be expected to adhere to the rules.
Typical rules set out in these policies include:
a list of unacceptable types of website that should not be visited
activities that are not allowed on the network, such as gambling and installation of unauthorised software
Acceptable and unacceptable use of resource, such as printers