Unit #9: Security and Data Management

information on computers can be sensitive and needs to be looked after by restricting access

Network Security

Inappropriate and unauthorised access to this information is likely to have serious consequences and could result in legal penalties, identity theft, financial loss, fraud and invasion of privacy.

Other risks to information stored on computers include loss due to accidental deletion, or overwriting parts of files in error; mechanical damage (hard disc); power failure whilst work is in progress; accidental damage to hardware, such as fire or damage caused by spilling a drink.

Most of these risks can be managed by adopting efficient procedures such as backups

Risks to data become greater as it is shared across a network

Unauthorised access to a network can allow the hacker to see all of the stored data.

To secure a network requires appropriate level of access, secure passwords and encryption and more

Network Security: User access levels

It is not sensible for every network user to have access to all the data on a computer system.
User access levels define which users can change and view, view but not change, or not view stored data.
It will also specify what software they can or can’t access.

Suitable Passwords

Passwords add an additional layer of security when accessing a computer system.
Strong passwords may require the user to use a combination of upper and lower case letters, numbers and symbols such as @ ! ~ - / \ %. Hackers may have access to programs that brute force attack - trying multiple guesses in quick succession until the correct password is found. Stronger passwords take longer to guess.

Encryption is the conversion of data, using an algorithm, into a form called cyphertext that cannot be easily understood by people without the decryption key.

Compression

process of making file smaller so it takes less storage space

Lossy

Lossless

Compresses file without losing data, preferred of loss of detail can be detrimental

Uses algorithm to compress data into form that can bedecompressed

Reduces file size by permanently discarding data, reduces amount of data needed to be stored

Network Policies

Network policies are documents outlining the rules that users are required to follow while using a computer network. Following its publication, network users will be expected to adhere to the rules.

Rules can include the following: a list of unacceptable types of website that should not be visited,
activities that are not allowed on the network, such as gambling and installation of unauthorised software and
Acceptable and unacceptable use of resource, such as printers

Disaster recovery

A disaster recovery policy outlines all the processes that must be carried out in the event of a disaster, such as data loss or a manmade error, to ensure that the business is able to perform normally within a short amount of time. Disasters include:
fire, flood, lightning, terrorist attacks etc, hardware failure, e.g. power supply unit failing, software failure, e.g. virus damage
or accidental and malicious damage, e.g. hacking

Three parts to a disaster policy

Before disaster

During

click to edit