Unit #9: Security and Data Management
information on computers can be sensitive and needs to be looked after by restricting access
Network Security
Inappropriate and unauthorised access to this information is likely to have serious consequences and could result in legal penalties, identity theft, financial loss, fraud and invasion of privacy.
Other risks to information stored on computers include loss due to accidental deletion, or overwriting parts of files in error; mechanical damage (hard disc); power failure whilst work is in progress; accidental damage to hardware, such as fire or damage caused by spilling a drink.
Most of these risks can be managed by adopting efficient procedures such as backups
Risks to data become greater as it is shared across a network
Unauthorised access to a network can allow the hacker to see all of the stored data.
To secure a network requires appropriate level of access, secure passwords and encryption and more
Network Security: User access levels
It is not sensible for every network user to have access to all the data on a computer system.
User access levels define which users can change and view, view but not change, or not view stored data.
It will also specify what software they can or can’t access.
Suitable Passwords
Passwords add an additional layer of security when accessing a computer system.
Strong passwords may require the user to use a combination of upper and lower case letters, numbers and symbols such as @ ! ~ - / \ %. Hackers may have access to programs that brute force attack - trying multiple guesses in quick succession until the correct password is found. Stronger passwords take longer to guess.
Encryption is the conversion of data, using an algorithm, into a form called cyphertext that cannot be easily understood by people without the decryption key.
Compression
process of making file smaller so it takes less storage space
Lossy
Lossless
Compresses file without losing data, preferred of loss of detail can be detrimental
Uses algorithm to compress data into form that can bedecompressed
Reduces file size by permanently discarding data, reduces amount of data needed to be stored
Network Policies
Network policies are documents outlining the rules that users are required to follow while using a computer network. Following its publication, network users will be expected to adhere to the rules.
Rules can include the following: a list of unacceptable types of website that should not be visited,
activities that are not allowed on the network, such as gambling and installation of unauthorised software and
Acceptable and unacceptable use of resource, such as printers
Disaster recovery
A disaster recovery policy outlines all the processes that must be carried out in the event of a disaster, such as data loss or a manmade error, to ensure that the business is able to perform normally within a short amount of time. Disasters include:
fire, flood, lightning, terrorist attacks etc, hardware failure, e.g. power supply unit failing, software failure, e.g. virus damage
or accidental and malicious damage, e.g. hacking
Three parts to a disaster policy
Before disaster
During
click to edit