Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protecting Data. Privacy Everyone has a right to privacy Data is held by many organisations –Employers –Shops –Banks –Insurance companies –etc.

Published byEthel Fitzgerald Modified over 8 years ago

Similar presentations

Presentation on theme: "Protecting Data. Privacy Everyone has a right to privacy Data is held by many organisations –Employers –Shops –Banks –Insurance companies –etc."— Presentation transcript:

1 Protecting Data

2 Privacy Everyone has a right to privacy Data is held by many organisations –Employers –Shops –Banks –Insurance companies –etc

3 Threats to computer systems Data Integrity Fraudulent use / Malicious Damage Viruses

4 Data Integrity The correctness of data –Data may become incorrect or corrupted during: Data Entry Errors in operating procedure (update program x2) Program Errors

5 Improving data integrity Data entered by authorised personnel only Data must be verified Output should be checked for reasonableness Printed output should be shredded after use

6 Protecting Data Write-Protect disks Each user has an ID & Password –Password at least 6 characters & contain 1 number –Password display surpressed –Files that contain passwords must be encrypted –Confidential passwords –Regular password changes

7 Access Rights Only see data needed –Doctor see own patients –Doctors receptionist not see medical history Only make changes if authorised Only certain stations make changes –Password only changed at specific machine

8 Access Rights (2) DataAccess RightTerminalTimesSecurity Level Customer IDRead Only04, 050830-18007 Credit LimitRead Write040830-180010 PaymentRead / Write04, 051830-210010 Credit RatingNo Access030000-23590

9 Fraudulent Use! Vett Employees Immediate removal of sacked employed Separation of duties (more than 1 person involved in a process) Use of passwords (allows audit trail)

10 Fraudulent Use (2) Educate Staff –Challenge visitors –Shred output –Log-off –Lock doors –Employ a security manager to monitor staff & terminals and log statistics.

11 Virus Protection Make sure all software is sealed before use Do not allow floppy disks (This will also prevent unauthorised data removal) Scan E-Mail for viruses (disallow attachments?) Run regular anti-virus software scans (make sure your virus definitions are up to date)

12 Physical Security Prevention of access to computer areas (cards, badges, locks) Visitors to wear badges CCTV Alarm Systems

13 Security Procedure Use a floppy drive lock Use a virus check Do not allow anyone else to use your computer (even at home) Back-up regularly

14 Biometric Security Passwords only as effective as their owner! –Written Down –Blu-tacked to the monitor –Obvious (name, dob, password) Fingerprint Iris Scanners

15 Other Problems Fire Flood Power surge Accidental damage The deliberate damage we have been talking about

16 Newer problems! Internet –Snooping / Hacking –Microsoft code loss!! E-Mail E-Mail –Theft of data –Viruses –Time Wasting

17 Disaster Planning No matter what precautions are taken, things will go wrong! –Backup (see later in the course) –Recovery Plan Identify alternative computer equipment Restore data Identify alternative office space Make provision for alternative communication links

Download ppt "Protecting Data. Privacy Everyone has a right to privacy Data is held by many organisations –Employers –Shops –Banks –Insurance companies –etc."

Similar presentations

GCSE ICT Networks & Security..

GCSE ICT Networks & Security..
POSSIBLE THREATS TO DATA

POSSIBLE THREATS TO DATA
Security Strategy. You will need to be able to explain:  Data Security  Data Integrity and  Data Privacy  Risks  Hacking  Denial of Service DOS.

Security Strategy. You will need to be able to explain:  Data Security  Data Integrity and  Data Privacy  Risks  Hacking  Denial of Service DOS.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
A-Level Computing data damage and prevention. Objectives To know the dangers associated with a computer system To understand the methods of prevention.

A-Level Computing data damage and prevention. Objectives To know the dangers associated with a computer system To understand the methods of prevention.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Security: Playing in Safe By: Matt Hill Identification and Access Identification and Access | When Disaster Strikes | Disaster Recovery Plan | Software.

Security: Playing in Safe By: Matt Hill Identification and Access Identification and Access | When Disaster Strikes | Disaster Recovery Plan | Software.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Sixth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.

Sixth Edition 1 M a n a g e m e n t I n f o r m a t i o n S y s t e m s M a n a g I n g I n f o r m a t i o n T e c h n o l o g y i n t h e E – B u s i.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
By Mrs. Smith DATA INTEGRITY AND SECURITY. Accurate Complete Valid Data Integrity.

By Mrs. Smith DATA INTEGRITY AND SECURITY. Accurate Complete Valid Data Integrity.
Software Development Unit 2 Databases What is a database? A collection of data organised in a manner that allows access, retrieval and use of that data.

Software Development Unit 2 Databases What is a database? A collection of data organised in a manner that allows access, retrieval and use of that data.
The laws Organizations are covered by lots of different laws

The laws Organizations are covered by lots of different laws
Administrative Practices Outcome 1

Administrative Practices Outcome 1
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
UNIT 3C Security of Information. SECURITY OF INFORMATION Firms use passwords to prevent unauthorised access to computer files. They should be made up.

UNIT 3C Security of Information. SECURITY OF INFORMATION Firms use passwords to prevent unauthorised access to computer files. They should be made up.
Data Security GCSE ICT.

Data Security GCSE ICT.
Security The Kingsway School. Accidental Data Loss Data can be lost or damaged by: Hardware failure such as a failed disk drive Operator error e.g. accidental.

Security The Kingsway School. Accidental Data Loss Data can be lost or damaged by: Hardware failure such as a failed disk drive Operator error e.g. accidental.
 Review the security rule as it pertains to ›Physical Safeguards ♦ How to protect the ePHI in the work environment ♦ Implementation ideas for your office.

 Review the security rule as it pertains to ›Physical Safeguards ♦ How to protect the ePHI in the work environment ♦ Implementation ideas for your office.

Similar presentations

Ads by Google