Security And Integrity Of Data Essay, Research Paper
Security
of data Security of data
involves the protection of data from anything that could destroy it, or
introduce errors to it, as this may corrupt data. Things
such as hazards, for example fires and floods, or another person gaining access
to the data and damaging it, can destroy data. The
security of data is very important, as many people store extremely important
documents on their computers, for example bank or health records which may
contain personal and confidential information about a person, which when
discovered could cause major problems. If somebody were to discover another
persons bank details through data being insecure, money could be taken from
their account, which would cause confusion and disruption for everybody. Data
does need to be kept secure, and there are many ways to do this, for example by
backing up data or putting passwords on your files. How data and
software can sometimes not be secureThere
are a large number of ways in which data and software cannot be secure, in some
of the following situations:·
Files can be
accidentally overwritten or deleted because of: ¨
Fraud ¨
Accident ¨
Files could have the
wrong data inputted·
They
could be lost due to: ¨
Losing discs ¨
Damage to the hard
drive ¨
Files or discs
destroyed·
Deletion or
corruption ¨
Discs could be
scratched ¨
Viruses ¨
The files could be
accessed and damaged by unauthorised users; this could be due to you not having
necessary password protection on your PC. Hackers and viruses Hacking
is gaining access to a computer system without authority, usually to cause some
damage to the system, or to gain information that would not usually be
available to the general public. People that do this could delete or corrupt
data, and copy it for themselves to use for their own reasons. Hackers are the
people that attempt to do this. Hackers once gaining entry to a system are
presented with unlimited options as to how they could damage the system. They
could simply copy files, delete them, or bring down the entire system.
Protecting a system against hackers has become an extremely important subject,
since there is no end to the damage that can be done. A virus is a program
which when ran would usually attempt to disrupt the use of your computer in
some way. Viruses can be written to do many things, from displaying messages on
your computer screen to allowing another person unauthorised access to your
computer to deleting files from your computer. Nowadays, a very
common way of spreading viruses is through the Internet. People often send
viruses through e-mail, which unsuspecting people then open and damage is
caused to their computer. Many viruses sent through e-mail now have the ability
to forward themselves to everybody in the recipients address book, meaning they
spread more quickly and to a larger amount of people. A virus that has been in
the news fairly recently was the ?lovebug? virus, spread through e-mail it
would copy and forward itself to every person in every recipients address book
before causing some damage the computer. Protection from
hackers and viruses There
are a large number of ways in that an organisation can be protected from
hackers and viruses: ·
Using
anti virus software ? There are a lot of different anti virus programs
available, which when loaded onto your computer can scan the memory and discs
for any viruses that could be potentially harmful to your computer. The
software would then remove any viruses found. However it is important to
regularly update your virus software, as new viruses are being discovered all
the time which old pieces of software may not be programmed to check for. ·
Stopping people
downloading files/placing files from discs onto the hard drive of the computer
? This would be a very effective way of preventing viruses, as no unauthorised
or potentially damaging software would be allowed onto the computer, as long as
people did keep to the rules. ·
Backing
up the system daily ? This wouldn?t necessarily stop viruses within the system,
but in the event of the system being destroyed then it would be easy to quickly
replace everything that has been lost as it would be backed up on discs. ·
Have
one stand alone PC where discs can be checked for viruses, therefore if there
happens to be a virus on the disc it will only affect the one PC and not bring
a whole network down. ·
Using
user names and passwords that are unique. Therefore nobody would be able to
access the system without authorisation since they would not know these pieces
of information. ·
Setting
up a firewall on the system. This is a device that would monitor the ports of
your computer and block unauthorised access. It can keep track of all data that
enters or leaves your network, and even stop this data from doing so, therefore
if you did get a virus on your computer you would have monitored when it was
received and where it came from. Backing up dataData needs to be
backed up regularly. This is so that if the data is ever lost due to a virus,
or accidental deletion, loss or corruption, it can easily be replaced. This
would save a lot of time in re-producing all of the lost data, and if data were
backed up every evening then it would only be one days work maximum that would
ever be lost in the event of one of the above happening. Even
if your PC is password protected it can still be hacked, and files lost this
way as many programs make this process very easy. You can help to keep
your data safer by backing up data every time you save a piece of work. You can
back up data onto either floppy discs or if you have a CD writer, onto CDs. If
you back up onto re-writeable CDs then you can overwrite these backups once you
add to your work. Physical safeguards Some
of the following physical safeguards could be used to look after data: ·
Files locked
away/discs kept in a locked room ·
Write protect floppy
discs, this involves moving a small tab so that data cannot be written onto the
disc. ·
The small tab that is
on tape cartridges can be snapped off which will prevent data from being over
written. ·
The computer could be
password protected so that nobody without the correct password would be able to
use the computer ·
Peripherals such as
the mouse or the keyboard could be removed, which would prevent anybody from
using the machine unless they had spares with them, which would be unlikely. Safeguarding the
network An
organisation could safeguard its network from who used it by: ·
Using firewalls ?
These could be used to stop data coming into and going out of the network.
Therefore hackers would not be able to gain access to the network, as the firewall
would stop them. ·
Give every person
that is going to use the network a unique username and password. Then anybody
that didn?t know the passwords would be unable to gain entry to the network.
Also the server administration could allow different people access to different
things throughout the network to limit and track damage that could be done. Passwords Passwords
are used to limit who can gain access to a computer.? For a password to be effective it would have to be changed
regularly and be difficult for another person to guess. However there are
programs that can guess passwords very quickly through word lists that are
programmed into them. To combat this the number of attempts there can be at
entering the password can be limited. For example, on the
school network each pupil has a separate folder with a unique username and
their own password. If anybody tries to gain unauthorised access to a folder
placed on the network they would first need to know a username, and a password
that goes with it, finding these could be a difficult task. Integrity of data Data
can become inaccurate in some of the following ways: ·
Mistakes in
collecting data ·
Transmission errors ?
These types of errors would occur when data, which has been sent from one
device to another, is changed during transmission due to a hardware
failure.? For example files being sent
across the Internet from one computer to another may become corrupt through
sending, which would render them unusable. ·
Read errors ? When
data is misread. ·
Transcription errors
? These are errors that are made whilst the data is being entered, for example
people simply making a typing error and not realising. The
consequences of inaccurate data could be that, in the example of a company such
as a bank having wrong data, their customers becoming annoyed, and the company
losing money. The company could also be arrested under the data protection act. Verification,
validation and input masksVerification is when
a human, through proofreading, checks data. You can do this in several ways: ·
Proof read the work
on the monitor or on a print out ·
Check work on a
monitor/print out with a manual copy ·
Get somebody else to
check the work for you. ·
Two people typing in
the same data, and if the data is the same it is accepted for processing. The
only drawback to this is the unlikely event that the two people actually make
the same mistake, and the wrong data is inputted.The advantages of
verification are that data is less likely to be inaccurate. For many companies
such as banks, data being accurate is crucial. However, it does take
time to check all the data, and in cases such as having two people entering the
data, this is using another person that could be doing other more important
work, and two wages need to be paid which would lose money.Validation
can be used in a database, where you set up the fields in a database so that
only certain information can be entered. It?s a check by the actual computer
program and makes sure that the data is allowable. There
are many different checks that can be performed: ·
Character
type check ? This check will make sure that the correct characters are entered
into the computer. ·
Length
check ? Where the length of the word that has been entered is checked, and if
this is incorrect an error message is displayed. For example when filling in a
form, if the question ?what sex are you? was asked, there are only two possible
answers, male or female, so we know that the maximum number of letters that
could be entered into this field would be 6. ·
Range
check ? You can perform this check on number, to make sure that they are within
a certain range. For example, upon entering peoples ages, there are not likely
to be any people older than 130, so you could set it up so that this anything
higher than this number could not be inputted. ·
Presence
check ? When a code is entered that checks if there is actually something in
the field. This would be used in a field which must have some data entered into
it, such as a primary key field which would define each entry into the
database. ·
List
check ? This only allows certain data to be entered. For example, ?Title.? We
know that there are only a certain amount of titles which could be entered, Mr,
Mrs, Miss, etc. So we could enter them all into the computer, and if anything
else was entered an error message would be displayed and the data could not be
entered.The
advantages of validation: ·
There
is less chance of making typing errors as the computer checks all your data for
you, and you do not have to look through the document so carefully for errors,
therefore this is a timesaver.Disadvantages: ·
Validation
rules can take a little time to set up. ·
They
also do not guard against typing errors completely.Input
masks allow you to actually design the way that data should be entered into
certain fields. Data can be entered exactly how you wish it to be, with
capital letters, or brackets, or percentage signs. The
advantages of input masks are that: ·
They
allow data to be entered quickly, you would not have to keep pressing the shift
key for capital letters if you set up input masks to capitalise in certain
places. ·
All
of the data will be accurate and consistent, providing you set up the input
masks correctly, as the input masks will make sure that all of the data is the same. ·
You
do not need to waste time checking all of the data, as it is certain that it
will all be correct.The
disadvantages of input masks are: ·
When
entering names, you could set it up so that the first letter of the 1st
name, and the 1st letter of the surname are capitalised. However
when it comes to names such as McHugh, the check would not allow the third
letter of this name to be capitalised. ·
Like
validation rules, they can take a considerable amount of time to set up; time
that could be better spent doing other things.The
following characters can be used to set up input masks. 0
? A number required 9
? A number optional L
? Letter must be entered ? ? A letter optional. > – A capital letter < – A lowercase letterIf you wanted to set an input mask up for a postcode, you
would do so in the following manner: An example of a postcode may be CW5 6JY. The input mask for this would be LL09 0LL The ?Ls? for capital letters, and the 9 would be there since
some postcodes do have an extra number on the end, but not all therefore the
number would be optional.