Module 1 IT Security

Module 1 – IT Security

Information Security

Viruses

Computer viruses are programs that have deliberately been sent out over the Internet to damage or destroy files on any computer that unwittingly downloads them or received them through unwanted e-mails. The good news is that there are anti-virus programs that will scan the files on your computer to eliminate these. New viruses are being created and put into circulation every day, but anti-virus updates are also being created to combat them. It is therefore important to always have anti-virus software on your computer and to scan all files that you may download from the Internet and to obtain regularupdates to combat any new viruses that appear.

Anti-virus Software

All computer systems should have anti-virus software installed. It is very important that the software is updated regularly to as new viruses are released on a regular basis. If the Anti-virus software is not updated after it is installed then it will not protect the computer from any new viruses. Most anti-virus software can be set to look for and update automatically every time the computer goes on-line.

Anti-spyware Software

These programs will prevent spyware and adware from being installed onto the computer and should keep personal information secure. As with the anti-virus software it will need to be kept up to date.

Anti-spam software

Spam mail is used by companies to advertise for various types of products. They are mostly just annoying as they fill up the inbox but they can also be a way of introducing a virus to the computer. Anti-spam software is a good way of filtering these e-mails.

Firewall

A "firewall" is a term used to describe aprotection system for a computer network. It describes hardware or software that slows the invasion of a computer system by blocking viruses and preventing hackers from gaining access to the computer or network.

A hacker is a person who secretly gets access to a computer system in order to get information, cause damage, which means that having the protection of the Firewall software is important.

Privacy

All information kept in a digital format on computers can be at risk from unauthorized access. From external or internal sources. A good firewall will help protect information from external attempts to access it. Internally an organization will have User Id’s issued to its employees to determine the level of access to information.

Passwords and PIN numbers

A password will act as a personal entry code for a user to gain access to a computer network or to access confidential information. Passwords should only be set by the user and never divulged to anyone. A secure password should consist of a combination of letters and numbers and be of a suitable length, normally 8 characters or more. It should never be shared or written down and should be changed regularly. A computer password can normally be changed via the Control Panel.

When User ID’s are allocated they normally come with a default password or PIN. These should be changed immediately as they are easy for unscrupulous people to get around. Never rely on default settings connected with a network.

An important security measure to note is that while logged onto a computer network it should never be left unattended. You should always log-off or lock the computer while away from it.

Internet security settings can also be changed to prevent other Internet users from accessing your network. In the case of Internet Explorer this can be done via Internet Options and the Security tab.

User ID

Most organisations will require the use of a user ID. This normally is a way for the computer system to know what access rights to give a user when they log-on. The user ID would be assigned by an organisation to identify you and allocate your given access rights.

Identity Theft

This is the fraudulent use of your personal details by criminals. This can be obtained by them through phishing e-mails or accessing a computer without a firewall in place or leaving a computer unattended. It can be used to commit crime, such as opening bank accounts and obtaining credit cards. It could also be used to obtain documents, such as passports or driving licenses. This is why great care should be taken with your own personal details when using IT.

Data Protection

The Data Protection Act sets rules for the gathering and processing of information on individuals. It covers paper records as well as computer records. There are eight enforceable principles that must be adhered to regarding personal Data. These are;

It must be fairly and lawfully processed
Obtained only for specific purposes
Adequate, relevant and not excessive
Accurate and up-to-date
Not kept longer than necessary
Processed in accordance with the data subjects rights
Not transferred to other countries without adequate protection
Secure and safe from others to do not have the right to it.

An individual is entitled to view all personal information that is kept on them. It is important to remember that personal information an individual should never be disclosed to third parties. For example it over the phone.

Keeping Data safe

Portable devices

Portable devices like laptops, PDA’s and mobile phones are particularly susceptible to loss or theft. All portable items should never be left unattended and locked away when not in use. Or in some cases security cables can be fitted to prevent theft.

Backing up Data

All data should be saved on a regular basis to prevent loss to power failure or computer malfunction. An organization will also need to back-up data on a regular basis in case of a disaster occurring, for example particularly nasty virus gaining access to the system or a fire destroying the building and contents. All files critical to the running of the organization will therefore be subject to regular back-up. This could be hourly, daily or weekly. The storage of the back-up data should also be kept off-site and secure.

An individual may use a labeled CD to back-up personal information for example and keep it locked away for protection.