2.5 safety and security of data in ict systems 13 12-11

Published in: Education, Technology, Business

  1. 1. 2.5 Safety and Security of Data in ICT Systems
  2. 2. 1. What is personal data? 2. What's the difference between privacy and security? 3. Why should we be concerned about privacy of data? 4. What do we mean by intrinsic value of data? 5. What do we mean by commercial value of data?
  3. 3. Make a list of organisations that you think store information about you. What is personal data? ◦ Facts and opinions about a living person. Should we be worried about organisations storing personal data?
  4. 4. Privacy ◦ The right of an individual to keep certain aspects of their life private. Security ◦ The mechanism in place to protect the privacy of information.
  5. 5. To answer this question, we should consider the following questions: ◦ Who will be able to access the data? Identity theft ◦ Is the data accurate? If not, it can have an adverse effect on the individual, e.g. bills aren't paid, refused a credit card ◦ Will the data be sold on? Health details sold on to an insurance company ◦ How long will the data be kept? Failed job applications: is personal data kept?
  6. 6.  How valuable is this? Value is often determined by demand and supply
  7. 7. How valuable is this to American Airlines? It is unlikely that anyone would want to buy this information, BUT the information in its own right is valuable. If the data in a flight booking system was lost or stolen it could cause customer dissatisfaction, and the airline's reputation would then be damaged.
  8. 8. "Data has an intrinsic value" MEANS data has a value in its own right. Another example: a record can have intrinsic value because of its association with famous people.
  9. 9. Data is now a commodity, i.e. it has financial value. Its value might be determined by how much time and effort it takes to collate the data. Its value might also be determined by its potential use. Who might sell data? Who might buy data? Why? http://www.myhouseprice.com/Default.cfm
  10. 10. 1. What is computer crime? 2. What is malpractice? 3. What are the weak points in an ICT System? 4. What methods could be used to protect parts of a system? 5. State 3 internal threats to an ICT system. 6. State 3 external threats to an ICT system.
  11. 11.  Involves an illegal activity using a computer e.g. ◦ Theft of money ◦ Theft of information ◦ Theft of goods ◦ Malicious vandalism
  12. 12.  Negligence or improper professional behaviour when providing computer related services e.g. ◦ Software developers who do not properly test their software and distribute it full of bugs may be guilty of malpractice ◦ Failing to keep a password secure could be enabling unauthorised access to data. ◦ Failing to adhere to company procedures (code of conduct) ◦ Sending offensive material in e-mails
  13. 13. Weak Links Within an IT System ◦ Viruses / Illegal programs ◦ Networks ◦ Data Entry ◦ Not following procedures ◦ Hacking ◦ Use of portable computers ◦ IT Personnel ◦ Data Stored Off line
  14. 14. Data could be entered into the system with criminal intent, e.g. ◦ A corrupt data entry clerk could purposely enter the wrong account number for a transaction so that an unsuspecting account holder is debited. Possible methods of prevention: ◦ Monitoring all access ◦ Automatic logging ◦ Separating the various stages involved in processing (no single person responsible)
  15. 15. Acceptable use and security policies are usually shared with employees during induction training; they can sometimes be included in their contract. If employees do not follow procedures such as "Log off from your machine when unattended", then security becomes a risk. Possible methods of prevention: ◦ Staff training ◦ Staff monitoring ◦ Disciplinary procedures shared with staff
  16. 16. The use of laptop and palmtop computers produces risks whenever sensitive data is being stored. Such devices are likely to be removed from an organisation's premises, where security can be controlled. Possible methods of prevention: ◦ Keep portable computers within the premises of the organisation ◦ If removed from the premises of the organisation, keep in a secure place, e.g. a fireproof safe
  17. 17. Data that is stored off-line, on CD-R, memory stick or other devices, is vulnerable to loss or theft. Possible methods of prevention: ◦ Disk stores kept locked when left unattended ◦ Formal clerical systems in place so that details are recorded whenever files leave the store ◦ Filing and recording system should be maintained rigorously to ensure that files are not mislaid
  18. 18. Security procedures are only as good as the people using and enforcing them. Disgruntled, dishonest and greedy employees can pose a big threat to an organisation as they have easy access to the information system. Employees might: ◦ Take bribes to provide information to a rival ◦ Alter or erase data to sabotage the efforts of the company. Possible methods of prevention: ◦ Effective interview procedures – checking references and previous employers when recruiting staff ◦ Audit trails
  19. 19. Hacking is defined as: ◦ Unauthorised access to data held on a computer system. It is possible that a hacker will access the system to commit fraud or to steal commercially valuable data. However, a large number of hackers appear to break into systems simply to prove that they can do it. Hacker's profile: ◦ Grudge against company or society in general ◦ Techno-terrorists ◦ Criminal purpose
  20. 20.  Possible Methods of prevention: ◦ Password discipline ◦ Terminals logged off ◦ Restricted access privileges ◦ All access monitored ◦ Off line storage of data and software (for restore)
  21. 21. There is NO worldwide legislation. In the UK there is the Computer Misuse Act 1990.
  22. 22. When data is transferred over a WAN, a line can be tapped to allow eavesdropping. This has been recognised as a real problem for internet users (security of using a credit card). Possible methods of prevention: ◦ Firewall (used to prevent unauthorised access to an organisation's network) ◦ Virus protection: prevention, detection and repair ◦ Identification of users ◦ Levels of permitted access
  23. 23. A virus is a program that is written with the sole purpose of infecting computer systems. Many viruses spend time infecting documents and software before moving into an active state (letting you know that they are there). This state is often triggered by an action or a date set in the program. The fear is that viruses can spread and infect many areas of the hard drive. They can also reproduce and copy themselves to floppy disks, thus infecting the hard drive of the next computer the disk is used on.
  24. 24. ORIGINATION ◦ A programmer writes a program – the virus – to cause mischief or destruction. The virus is capable of reproducing itself. TRANSMISSION ◦ Often, the virus is attached to a normal program. It then copies itself to other software on the hard disk. REPRODUCTION ◦ When another floppy disk is inserted into the computer's disk drive, the virus copies itself on to the floppy disk. INFECTION ◦ Depending on what the original programmer wrote in the virus program, a virus may display messages, use up all the computer's memory, destroy data files or cause serious system errors.
  25. 25. Form – the most common virus in the world ◦ This virus makes the speaker beep when you press a key on the 18th day of each month. Jerusalem – serious virus ◦ Deletes a program you try to run on Friday 13th. Dark Avenger – dangerous virus ◦ Corrupts the hard disk and backup copies.
  26. 26. Prevention ◦ Don't allow users to use their external storage devices, e.g. USB pens, on the system ◦ Systems can be set up to only allow specially formatted disks ◦ Use PCs without CD drives and block USB ports. Detection and Repair ◦ Detected and repaired using Anti-Virus Toolkit software – this software runs in the background whenever the computer is on ◦ The software is usually able to remove the virus ◦ 'Sheep-dip' / 'footbath' workstations – workstations fitted with the latest virus detectors
  27. 27. Trojan horses ◦ A program that runs as a background task, collecting user log-in codes and passwords, e.g. a program that simulates the system log-in screen. Logic bombs ◦ Programs that cause system damage when triggered ◦ Similar to a virus but does not replicate itself ◦ Often used by employees to destroy a firm's data when they leave
  28. 28. Macro virus ◦ Modern virus – exploits security loopholes in word processors, spreadsheets etc. ◦ Not usually destructive ◦ Can slow down the system, take up memory. E-mail virus ◦ Spreads as an attachment to an e-mail file ◦ Runs when the attachment is downloaded or run ◦ Some very destructive ◦ Spread very quickly by reading the address book and re-sending themselves
  29. 29.  Phantom virus ◦ Virus does not exist ◦ Problems caused by people e-mailing warnings – slows network traffic ◦ New variant tells people that a particular system file is a virus and gets them to delete it, causing system failure
  30. 30. Back up all data regularly. Do not download software from unknown sources. Do not open attachments in e-mails. Firewall ◦ Used to prevent unauthorised access to an organisation's network. ◦ The firewall software is placed between the network file server and the external network, often the internet. ◦ It checks all of the messages sent to the file server and filters the contents.
  31. 31.  What is it? ◦ Involves an illegal activity using a computer ◦ It is sometimes thought that computer crime is a new phenomenon but as you will see, it is more the case that computers have provided new ways to commit old crimes. The following slides outline different categories of computer crime:
  32. 32. Unauthorised access ◦ Hacking. Fraud ◦ Stealing credit identities, amending details to financial accounts. Publication of illicit material ◦ Pornography, racial hatred freely available on an international 'ownerless' system (the internet). Theft ◦ Code behind a piece of software, consumer information – physically or electronically stolen. Industrial espionage ◦ Gaining access to information about a competitor's marketing strategy, latest research etc. (electronically). Sabotage ◦ Damage the effective functioning of an organisation, e.g. personal grudge, political attack, economic (damaging their reputation)
  33. 33.  We need to protect: ◦ Program files ◦ Data Files ◦ Operating system files Why? ◦ All of these can be:  Corrupted  Deleted  Altered (Accidentally or maliciously)
  34. 34. Organisations are increasingly dependent on their information systems, so it is more important to protect the systems and the integrity of the data they contain. Consequences of failing to do the above: ◦ Financial loss – replace the system, compensate customers, restore missing or compromised data ◦ Loss of reputation – failure to protect clients' details and business information will result in the loss of trust ◦ Legal consequences – the DPA requires organisations to ensure data stored on individuals is securely held. Failure to do so can result in legal action. Threats to data security can come from two sources, internal sources or external sources (outlined on the following slides).
  35. 35. Non Deliberate ◦ An organisation's employees may accidentally compromise data security or integrity: simple clerical errors during input/processing stages may affect accuracy of data; files may be accidentally erased through misuse; internally produced software may be flawed, consequently damaging data; e-mail attachments may contain viruses, accidentally opened and thus activated. Deliberate ◦ Those responsible for ICT security need to be aware of the 'enemy within'. Two main threats: the disgruntled employee – grudge against the company; the employee who decides to defraud the organisation for financial gain.
  36. 36. Non Deliberate ◦ The main threats of this type are 'disasters'. ◦ These may be natural: floods, extreme weather conditions, earthquakes, volcanoes etc. ◦ Human mechanical: plane crashes, power cuts, fires, building collapse etc. ◦ Both have the potential to wipe out an organisation's information systems. Deliberate ◦ Threats of this type can take many forms, including: criminals wishing to defraud the organisation by accessing and amending financial data; viruses with the potential to corrupt data; industrial espionage, i.e. rival organisations accessing confidential information in order to gain competitive advantage; actual theft of hardware/software; terrorist attack.
  37. 37.  The following headings suggest and describe ways of preventing computer crime and malpractice
  38. 38.  Access privileges define for each user exactly which computers and what data he or she is allowed to access, and what they are allowed to do with that data. Possible access rights include ◦ Full Rights – a user can carry out any action on the file or data ◦ Read only – the data can be accessed to be viewed or printed, but not altered in any way ◦ Read and write – the user can read or create new data records ◦ Amend – the user can change the data held in a record ◦ Delete – the user can delete a whole record ◦ No Access – the user is barred from any form of access to the data
  39. 39. Biometrics is the name given to techniques that convert a human characteristic such as a fingerprint into a digital form that can be stored in a computer. These characteristics are unique. Currently the face, the shape of the hand, the eye and the voice are actually used for identification as well as a fingerprint. http://www.sciencedaily.com/news/matter_energy/biometric/
  40. 40. It is necessary to protect the hardware from theft and unauthorised access. How: ◦ Security guards – responsible for permitting access to the building, logging visits, challenging intruders ◦ Secure areas – some equipment (e.g. main servers) may be held in a secure area with limited access. This area may be locked, alarmed and monitored. ◦ Biometric access devices – access to the building using fingerprints, voice, iris etc.
  41. 41. Data can be compromised by errors made at the point of data entry. In order to optimise data accuracy, there should be: ◦ Set procedures for data entry ◦ A means to check the validity. This might involve: ◦ Batch-processing ◦ Validation checks (e.g. range checks, presence checks etc.) ◦ Verification procedures (e.g. checking for double entry of data and confirming with the client that their address has been correctly entered)
  42. 42. Employees should be made aware of the need to: ◦ Regularly change passwords ◦ Avoid obvious passwords such as: postcode, telephone number, name, pet ◦ Avoid other standard passwords like: FRED, PASS, SECRET etc. ◦ Don't write your password down ◦ Your password should incorporate characters other than letters – such as $ or %
  43. 43. The most effective way to prevent employees unintentionally compromising the security of systems and data is to ensure that they are well trained. Security awareness can be reinforced through the use of posters, screen messages etc.
  44. 44. Data on a network is vulnerable to wire-tapping when it is being transmitted over a network. One method of preventing this is to encrypt the data, making it incomprehensible to anyone who does not hold the 'key' to decode it. (No system is completely foolproof.) Encryption news: http://www.infosecurity-magazine.com/news/80/encryption/
  45. 45.  Encryption Explained using the SSL protocol http://www.youtube.com/watch?v=a72fHRr6MRU http://www.youtube.com/watch?v=SJJmoDZ3il8&feature=related
  46. 46. There are many ways of encrypting data, often based on either transposition or substitution. Transposition – where characters are switched around. Substitution – where characters are replaced by other characters.
  47. 47.  In a Transposition cipher, the message could be written in a grid row by row and transmitted column by column.
  48. 48. The sentence 'Here is the exam paper' could be written in a 5x5 grid:
        H E R E *
        I S * T H
        E * E X A
        M * P A P
        E R * * *
      And transmitted as: HIEMEES**RR*EP*ETHXA**HAP*
  49. 49. Message sent (plaintext): HERE IS THE EXAM PAPER → Encryption (grid: HERE* / IS*TH / E*EXA / M*PAP / ER***) → Message transmitted (ciphertext): HIEMEES**RR*EP*ETHXA**HAP* → Decryption (grid: HERE* / IS*TH / E*EXA / M*PAP / ER***) → Message received (plaintext): HERE IS THE EXAM PAPER
  50. 50. Using the same grid, decode the message ITT*O*E*HRWDNIYA*OS*NITT*
        I * W A N
        T E D * I
        T * N O T
        * H I S T
        O R Y * *
  51. 51. 1. What legislation exists to protect data?
  52. 52. Explain, using examples, the difference between malpractice and crime as applied to Information Systems. (4)
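
The grid transposition from slides 47 to 50, written out as an added Python example (it is not part of the original slides). The function names, the default grid width of 5 and the `candidate_readings` helper are assumptions of this example; it goes a little beyond the slides by showing that the grid shape is the only secret, so trying each width that divides the message length recovers the plaintext.

```python
from collections import Counter

PAD = "*"  # the slides use '*' for spaces and for unused grid cells


def encrypt(plaintext, cols=5):
    """Write the message into the grid row by row, send it column by column."""
    cells = plaintext.upper().replace(" ", PAD)
    rows = -(-len(cells) // cols)            # ceiling division
    cells = cells.ljust(rows * cols, PAD)    # fill the unused cells
    grid = [cells[r * cols:(r + 1) * cols] for r in range(rows)]
    return "".join(row[c] for c in range(cols) for row in grid)


def decrypt(ciphertext, cols=5):
    """Refill the grid column by column, then read it row by row."""
    if len(ciphertext) % cols:
        raise ValueError("ciphertext does not fill a grid of this width")
    rows = len(ciphertext) // cols
    columns = [ciphertext[c * rows:(c + 1) * rows] for c in range(cols)]
    cells = "".join(col[r] for r in range(rows) for col in columns)
    return cells.replace(PAD, " ").rstrip()


def candidate_readings(ciphertext):
    """Decrypt with every grid width that divides the ciphertext length.

    The grid shape is the only secret, so there are very few keys to try.
    """
    n = len(ciphertext)
    return {w: decrypt(ciphertext, w) for w in range(2, n) if n % w == 0}


def letter_counts(text):
    """Transposition only moves characters, so these counts never change."""
    return Counter(ch for ch in text.upper() if ch.isalpha())


if __name__ == "__main__":
    # Reading the slide 48 grid column by column gives 25 characters; the
    # string printed on the slide has 26, so it cannot fill a 5x5 grid.
    sent = encrypt("Here is the exam paper")
    print(sent, "->", decrypt(sent))
    print(decrypt("ITT*O*E*HRWDNIYA*OS*NITT*"))   # exercise on slide 50
    print(candidate_readings(sent))
    print(letter_counts(sent) == letter_counts("Here is the exam paper"))
```

Because the letter counts of the ciphertext match those of the plaintext, frequency analysis still works on the transmitted message, which is one reason the SSL-style encryption mentioned on slide 45 is used in practice instead.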
