2 TYPES OF THREATSOpportunist threats People who find an unattended computer that has been left logged in to a system may view, steal or damage information, programs or hardware. Computer viruses These are small programs that can replicate themselves and spread from computer to computer. They are never beneficial; they make changes to the system they infect. They arrive by attaching themselves to files or messages. Malware These include computer worms, Trojan horses, spyware and adware. Phishing Attempts to gain access to passwords, financial details and other privileged information. Done via messages pretending to come from a trusted website, instant messaging or social networks. They try to divert you to a website that looks authentic and that asks for information about you. Accidental damage This may be caused by a natural disaster (flooding), mischief or accidental mishap, and can result in losing all of a computer’s data. Hackers People who purposefully try to gain unauthorised access.
3 PREVENTATIVE AND REMEDIAL ACTIONS Physical barriers These include turning off computers and locking offices when the systems are unattended to prevent damage by people, theft or the environment. Password control of access Passwords are sequences of characters, known only to the computer user, which allow access to a computer, network or application. Access levels These can be set up to allow individuals to have access to only specific levels of an application and to prevent unauthorised users from accessing particular data. Anti-virus software This is set up to intercept computer viruses before they can become resident on the computer. Firewall This is a piece of software that monitors all data arriving at your computer from the internet and all data leaving your computer. It stops anything that it thinks is harmful or unwanted. Encryption This is used to codify data so that it cannot be read by anyone who does not have the key to the code. Backup and recovery Making a backup of data is the only way of recovering from a total data disaster. Backups can be; a full system backup, incremental backups or backups to removable media such as USB sticks. Recovery Replacing the data if something happens, such as deletion or corruption. Personal Safety Security settings can be used on social networking sites to protect users’ privacy and reputation.
4 LEGISLATION Data Protection Act 1998 Computer Misuse Act 1990 Businesses must conform to the eight principles to protect the data that they hold about customers.Computer Misuse Act 1990The law was created to punish hackers and creators of viruses.Copyright, Designs and Patents Act 1988Copyright protects people’s original data such as artworks, music, code, books, etc.Freedom of Information Act 2000This gives people the right to see data held about them by organisations, and also to request access to data about organisations such as local councils or national government.TECHNOLOGY USED FOR MONITORINGTechnology can be used to monitor people’s movements and communications.Movement:CCTV cameras, GPS devices like those found in smartphones, Data from airports, such as passenger listsCommunications:Monitoring , monitoring website visits, logging keywords typed into search engines.