Threats to data

Data security

Data security is about keeping data safe. Many individuals, small businesses and
major companies rely heavily on their computer systems. If the data on these
computer systems is damaged, lost, or stolen, it can lead to disaster.
Key threats to data security
Data may get:
Lost or damaged during a system crash - especially one affecting the hard disk.
Corrupted as a result of faulty disks, disk drives, or power failures. Lost by
accidentally deleting or overwriting files. Lost or become corrupted by computer
viruses hacked into by unauthorised users and deleted or altered. Destroyed by
natural disasters, acts of terrorism, or war deleted or altered by employees
wishing to make money or take revenge on their employer.
Keeping data secure
Making regular backups of files (backup copies should be stored in fireproof safes
or in another building. Protecting you against viruses by running anti-virus
software. Using a system of passwords so that access to data is restricted. Safe
storage of important files stored on removable disks, locked away in a fireproof
and waterproof safe. Allowing only authorised staff into certain computer areas,
by controlling entry to these areas by means of ID cards or magnetic swipe
cards. Always logging off or turning terminals off and if possible locking them.
Avoiding accidental deletion of files by write-protecting disks. Using data
encryption techniques to code data so that it makes no apparent sense

Hackers
Unless they are protected, computer systems are vulnerable to anyone
who wants to edit copy or delete files without the owners permission.
Such individuals are usually called hackers.
Malware
Malware, short for malicious software, is software designed to gain access to a
computer system without the owner's consent. The expression is a general term
used by the computer industry to mean a variety of forms of hostile, intrusive, or
annoying software. These things are sometimes, incorrectly, referred to as a
computer virus.
Software is considered malware based on the perceived intent of the creator
rather than any particular features.
Malware is not the same as defective software, that is, software that has a
legitimate purpose but contains harmful bugs.

Threats to data

Virus
A computer virus is a piece of software that is designed to disrupt or stop
the normal working of a computer. They are called viruses because like a
virus, they are passed on from one infected machine to another.
Downloading software from the Internet, attachments to emails or using
USB memory sticks are the most common ways of a virus infecting your
computer.
Worms
A computer worm is a self-replicating program. It uses a computer
network to send copies of itself to computers on the network and it may
do so without any user intervention. It is able to do this because of
security weaknesses on the target computer. Unlike a virus it does not
need to attach itself to an existing program. Worms almost always cause
at least some harm to the network, if only by consuming bandwidth
whereas viruses almost always corrupt or modify files on a targeted
computer.
Phishing
Phishing is an e-mail fraud method in which the criminal sends out
legitimate-looking email in an attempt to gather personal and financial
information from recipients. Typically, the messages appear to come from
well-known and trustworthy Web sites. Web sites that are frequently
spoofed by phishers include PayPal, eBay, MSN and Yahoo. A phishing
expedition, like the fishing expedition it's named after, is a speculative
venture: the phisher puts the lure hoping to fool at least a few of the prey
that encounter it, take the bait.

1. Dangers of Communicating Online

Online Anonymity

Threats to data
One of the biggest dangers of communicating online is the anonymity the
Internet offers. While it can be liberating to create a presence online while
hiding your real identity, this same ability gives scammers and thieves the
ability to masquerade as almost anyone in order to trick their victims. While
some of these predators have financial motives, others may hide their
identities in order to manipulate people for their own amusement.

Privacy Concerns
Another thing to remember about the Internet is that it is a public network. Data
passes through a myriad of computer nodes when traveling from sender to recipient,
and the computers that handle that data may be snooping on it. A third party may be
able to intercept any unencrypted communications you send, so encryption software
is a must if you conduct sensitive business online. In addition, apps may be collecting
data on your activities and sending that information out over the Internet, where
marketers can use it for their own purposes. When installed on cell phones with GPS
receivers, these apps can build a frighteningly accurate picture of your daily
activities, enough to give a third party an unwelcome view into your life.

Malware Threats
Email has become an integral part of daily life for many Internet users, and while it is
a great communication tool, it is also one of the biggest vectors for malware
infections. Malware authors take advantage of the fact that users are trusting of
messages that seem to come from co-workers or friends. New malware threats even
target mobile devices, allowing hackers to gain access to the invaluable digital data
many people carry around in their mobile lifeline. That always-on connection may
provide an outsider 24-hour access to your personal data.

2. What is a Computer Virus?

These are small programs which can replicate themselves and spread from computer
to computer. They are never beneficial; usually they will make some changes to the
system they infect and, even if they do no real damage, they are undesirable. They
arrive by attaching themselves to fi les or email messages.

3. What is VoIP?

Threats to data
VOIP is an acronym for Voice Over Internet Protocol, or in more common terms phone
service over the Internet. If you have a reasonable quality Internet connection you
can get phone service delivered through your Internet connection instead of from
your local phone company. Some people use VOIP in addition to their traditional
phone service, since VOIP service providers usually offer lower rates than traditional
phone companies, but sometimes don't offer other common phone services.

4. What is Copyright?
Copyright gives the creators of some types of media rights to control how they're
used and distributed. Music, books, video and software can all be covered by
copyright law.
Copyright law
Limitations imposed by copyright
When you buy software, for example, copyright law forbids you from:

giving a copy to a friend

making a copy and then selling it

using the software on a network (unless the licence allows it)

renting the software without the permission of the copyright holder

The law that governs copyright in the UK is called the Copyright, Designs and

Patents Act 1988.

5. Identify ways to transfer data between mobile

phones
Data can be transferred between mobile phones using
technologies such as Bluetooth, wireless connection, using a SD
memory card or using a data cable to connect your phone to your
computer's USB port
What is Bluetooth? Bluetooth is a technology that allows two compatible devices,
such as phones and PCs, to communicate wirelessly without the need for a line-ofsight connection.

6. Instructions to stay secure when using shared

computers in cyber cafs.

Threats to data

Don't save your logon information

Don't leave the computer unattended with sensitive information on
the screen
Erase your tracks
Disable the feature that stores passwords

Before you go to the web, turn off the Internet Explorer feature that
"remembers" your passwords.
In Internet Explorer, click Tools, and then click Internet Options.
Click the Content tab, and then click Settings, next to AutoComplete.
Click to clear both check boxes having to do with passwords.
Delete your temporary Internet files and your history

Watch for over-the-shoulder snoops

Don't enter sensitive information into a public computer
These measures provide some protection against casual hackers who use a
public computer after you have.
But keep in mind that an industrious thief might have installed
sophisticated software on the public computer that records every keystroke
and then emails that information back to the thief.
Then it doesn't matter if you haven't saved your information or if you've
erased your tracks. They still have access to this information.
If you really want to be safe, avoid typing your credit card number or any
other financial or otherwise sensitive information into any public computer.

WHAT IS DATA ENCRYPTION?

Data encryption refers to mathematical calculations and algorithmic

schemes that transform plaintext into cypher text, a form that is nonreadable to unauthorized parties. The recipient of an encrypted message
uses a key which triggers the algorithm mechanism to decrypt the data,
transforming it to the original plaintext version.

S E C U R I N G D ATA

Threats to data
Protect your office or data centre with alarms and
monitoring systems
Keep computers and associated components out of public
view
Enforce restrictions on internet ac0 cess
Ensure that your anti-malware solution is up to date
Ensure that your operating system is up to date
Fight off hacking attacks with intrusion detection
technology
Utilize a protected power supply and backup energy
sources

W H AT C A N C A U S E D ATA L O SS
Change of Location

If you do not perform regular backups

this can cause loss of data before it gets a chance to be

backed up on the server.
Corrupt Data: Data loss can occur when you back up data
that contains other data files that are corrupt. For example, if
you backup a series of databases and one of them contains bad
data, the backup file will also be corrupt and you will be unable
to access the data again.

The Data Protection Act

The Data Protection Act controls how your personal
information is used by organisations, businesses or the
government.

Threats to data
R U L E S O F T H E D ATA P R O T E C T I O N
ACT
Used fairly and lawfully
Used for limited, specifically stated purposes
Used in a way that is adequate, relevant and not
excessive
Kept for no longer than is absolutely necessary
Handled according to peoples data protection rights
Kept safe and secure
Not transferred outside the UK without good
protection