1.16- data security

what security risks are there in modern computing?

• outside access and manipulation of files

• unauthorised reading or copying of files

• corruption of files

• loss or deliberate deleting of files.

what two categories can threats be broken into?

internal and external

what can internal threats be?

disgruntled employees, employee mistakes or incompetence and social engineering.

what can external threats be?

can be black hat hackers

what is integrity?

means guarding against improper information modification or destruction and includes ensuring information and authenticity

what is an issue for file integrity?

how files are managed when multiple users have access to them.

e.g. if multiple people save a file at the same time which file should be used? and the file may be corrupted

what processes are used to protect files and data?

complex passwords

specific steps that should be taken to secure access.

hard copies of files should be disposed off

what is a contingency plan?

plans that are tested and planned and maintained in case of a disaster

what things need to be involved before a disaster in a contingency plan

carrying out a risk analysis

putting in preventative measures staff training

what things need to be involved during a disaster in a contingency plan?

implementation of contingency plan to prevent further damage to data

beginning immediate recovery of data

what things need to be involved after a disaster in a contingency plan

purchasing replacement hardware

reinstalling software

restoring data from backups

what is a virus?

• Spreads across a network through self-writing code, identifying routes to attach itself to the network as quick as possible.

what is a worm?

A worm is the same as a virus – but can travel on its own. it won’t stop on its own until it cannot get through a network anymore.

what is trojan?

• Trojans are designed to mislead users with their intent.

• They do not replicate themselves.

• Usually will leave a backdoor route into the computer

what is ransomeware?

• Scare-ware scares the user by threatening to infect their computer or even pretending that the computers are already infected

• Ransomware deletes/encrypts files and can force users to pay to return the files. However, sometimes threat actors will just take the money

what is spyware?

• Key presses are tracked and data is typically sent back to the hacker through the Internet

• Used for identity fraud, user access – essentially gathering data

what is remote access software?

• Computers infected with this can become “bots” – PCs that a hacker can control to perform an action.

• The hacker can directly control all of these PCs to perform certain actions

what technical processes are there for protecting data?

• Setting access levels and rights to certain files or data for certain employees, complexity of passwords

• Separate workstations to servers – you wouldn’t have an employee’s workstation connected to everything else in the building.

• encryption

• Firewalls + Anti-viruses

what company processes are there for protecting data?

• Practical considerations in the office, such as not eating or drinking near computers, not taking work home with memory sticks

• Workstations kept behind key-fobbed doors – two factor authentication