ICDL Module 1 (IT) lec (4)

Security
1.7.I Information Security
1.7.1.1 Understand the term information security and the benefits to an
organisation of being proactive in dealing with security risks such as:
adopting an information security policy with respect to handling
sensitive data, having procedures for reporting security incidents,
making staff members aware of their responsibilities with respect to
information security.
What is information security?
• This is a general term which covers all aspects of computer security. It covers protection
against viruses and hackers, password and access control policies as well as
procedures for the regular backing up of your data (to guard against computer failure)
Advantages of proactive information security
• A proactive information security policy anticipates problems and attempts to guard
against future problems, as opposed to discovering a problem and then trying to deal
with the problem 'on the fly'.
Passwords
• If your computer has a password which prevents other users from accessing it then do
NOT give this password to anybody else. Do not write the password on a card and prop
this up next to the monitor and above all do not attempt to hide your access passwords
on the underside of your desk (this is the first place most criminals would look if trying to
break into your system). Make sure you do not forget your passwords; in many cases,
data cannot be recovered once the password is lost.
The Importance of shutting down your computer
• When you are using a Windows based system it is important to remember that just
switching off the computer or losing power due to a power cut (power outage) can cause
loss of data. To protect against this you should save your work regularly. Many programs
have a facility which automatically saves your work; say every 10 minutes (or any time
interval which you specify).
• Some operating systems, such as the later versions of Windows 95 and also Windows
NT have a facility which will automatically detect that the computer was not properly shut
down the last time it was used. If this situation is detected, then a special recovery
program will be run which will attempt to fix any damage caused by the power cut.
• When using Windows 95 or Windows NT, you MUST always use the shutdown
command (located on the Start menu) to close down the operating system, before
switching off the power.
What is a UPS?
• A UPS (Un-interruptible Power Supply) is a device which you can attach to your
computer which will guard against power cuts (or indeed someone tripping over your
power cable and pulling the plug out). It contains batteries which will keep your computer
alive long enough for you to use the shutdown command and turn off the computer in the
proper way. This is especially important for PCs on a network which might provide data
for many users on the network.
Electrical surge protection
• The voltage which is supplied to your computer via the power cable can vary from time to
time, and there are occasional power surges. Power surge protection devices are readily
available and offer low cost protection again these occasional power surges.
Things computers like
• Good ventilation
• Clean environment
• Stable, vibration free surface
Things to avoid
• Dust
• Drinking and eating over the keyboard
• Heat, Cold
• Moisture
• Do not move the system while it is switched on.
• Do not just switch the computer off at the mains. Follow the correct shutdown procedure
or data could be lost.
• Do not place objects on top of monitors. This could block the ventilation holes and cause
it to overheat.
• Do not place floppy disks near monitors. Monitors produce a strong electromagnetic
field, which can damage floppy disks.
What to do if the computer breaks down
• If you are working within a large organisation, you should be aware of the company’s
policy if the computer suddenly breaks down. Many large companies have a special
computer support department and you should make sure that you know how to contact
them in case of emergency.
In many smaller organisations, the situation is much less formalised. If you are not
qualified to make repairs on the computer, do NOT attempt to open the computer case
and investigate. This is especially true of the computer monitor, inside are many
components operating at VERY HIGH VOLTAGES, which can kill. If in doubt, get a
qualified technician to fix the problem.
• Prior to contacting your computer support staff you may (if authorised by your
organisation) check that the various external components, such as the mouse, keyboard,
monitor and network connections are in fact properly connected to the back of the
computer. A very common complaint to support groups is that the screen is not working.
You may wish to check that someone has not inadvertently switched off the screen, prior
to ringing the support group. One of the more common reasons for a network not
working is that someone (maybe an overnight cleaner) has accidentally pulled the
network cable out of the back of a computer.
Dealing with security problems
• In any organisation there should be clearly defined policies for the detection of security
problems, and what to do if a problem is noticed. Security problems may range from the
physical presence of unauthorised persons in an office, through to suspicion of
attempted unauthorised electronic entry to your computer networks.
In all cases you should know whom to contact, and how to contact the relevant person,
so that the matter can be investigated further.
Responsibilities for dealing with security problems
• If you are reporting a security problem, you should do so without delay, to the relevant
person within your organisation. If you are responsible for dealing with reports of security
incidents, you should always take action immediately, and follow the correct procedure
within your organisation for investigating any problems.
Security rights and obligations
• If you are working for a large organisation you have both rights and obligations to the
organisation. For instance does an employer have the right to video film and record
employees without their permission? Can an employer read all email sent and received
by employees? Can an employer monitor what Internet sites an employee is accessing?
The employer must make clear the security obligations of employees, such as keeping
network ID and logon passwords secure and how to report security incidents.
1.7.1.2 Know about privacy issues associated with computers, such as
adopting good password policies. Understand what is meant by user ID
and differentiate between user ID and password. Understand the term
access rights and know why access rights are important.
User IDs and passwords?
• A User ID is normally used to logon to a computer, or computer network. It uniquely
identifies you to the network. In addition you use a password which is only known to you.
The password guarantees that no one can access the network and impersonate you (in
theory). Once you have logged on (i.e. connected) to the rest of your computer network,
you will have been assigned access rights to the network. Your network administrator will
have defined these access rights. The idea of access rights is that you only have the
ability to connect to, or share, devices which you have authority to use. In other words,
the network administrators often have access rights to just about every computer, printer,
modem etc on the network. You on the other hand may have access rights to print to
only certain, specified printers and you may be able to access only certain data held on
the network.
Choosing a secure password
• Your password is the only thing which will prevent someone else logging into a computer
using your user ID and impersonating you. It is important to choose a password which
cannot be easily guessed by other people. Ideally a password should be at least 8
characters long & contain a mixture of words and numbers. It is also recommended that
you change your password regularly; some computer systems will require you to change
your password periodically.
How secure is your software?
• Microsoft Windows does seem notoriously easy for talented hackers to crack. It seems
that there are rather too many 'fixes' which companies such as Microsoft release and
then ask you to install to help plug some of the holes in their in-built security. As soon as
you connect a computer to a computer network or the Internet your risk of attack
increases. Applications are also vulnerable to attack. For instance there are some virus
programs which explore security weaknesses within Microsoft Word to spread
themselves and infect your computer.
How do your manage data securely?
• Make sure that there is a policy in place for the management of sensitive data, especially
if it involves the transmission of the information beyond your organisation. If you are
sending a fax or email, be sure that the message contains your contact information, and
a message describing the contents as confidential, with instructions for what to do if the
recipient has received the message in error. Logs should be kept of all faxes and emails
sent and received. Sensitive printed materials should be clearly marked, maybe with a
watermark saying CONFIDENTIAL or DRAFT ONLY.
How do you dispose of data securely?
• Floppy disks: If you perform a full re-format on a floppy disk, this will remove the data.
However be aware that there are programs available which will undo the effect of this
formatting. The only way to be sure that the data is removed is to physically destroy the
floppy disk.
Hard disks: If you delete a file, then it is actually only moved to the Recycle Bin. As a
first step, empty the Recycle Bin of deleted files. Even where a file appears complete
deleted, it can still often be recovered using specialist data recovery programs. Be
warned. If you are disposing of an old hard disk which used to contain sensitive data, the
safest way is to crush it.
Tape backups and removable drives (ZIP and JAZ drives): Apart from file deletion,
physical crushing of the media is the only totally safe way to guarantee that your data
remains secure.
Old Computers: When disposing of old computers, remove all data storage media and
crush them.
Paper output: Always put unwanted paper output through a paper shredder, prior to
disposal.
What is visitor control?
• When you let visitors into your building, they should always sign in. This is vital for fire
regulations, so that you know exactly who is in a building, in case of emergency.
• You can issue electronic badges to visitors. This often allows the movement of visitors to
be monitored electronically by your security staff. It can also be used to allow access to
certain areas of the building, but deny access to more sensitive areas.
• Electronic passes can also be used to control which members of staff have access to
which area of your building.
1.7.1.3 Know about the purposes and value of backing up data software
to a removable storage device
Why do you need to back up your computer?
• The most important thing which you store on your computer is information. Often the
contents of a hard disk can represent years of work. If the hard disk stops working one
day you could lose all those years of work. For this reason it is VITAL that you take
regular backups of the information which is stored on the computer. In large
organisations this backup procedure is normally performed automatically by your
computer support team, where the data is normally held on a centralised, networked
computer.
In smaller organisations, it is often up to the individual to organise some sort of data
backup. If nothing else is available, copy your files to a floppy disk and make sure that
these backup disks are stored away from the computer, ideally off-site. If there is a fire
and your office burns down, if your backup disks are stored next to the computer they too
will be incinerated.
Organising your computer for more efficient backups
• When you think about it, you have a computer containing many programs and also a
large amount of data which you have created, then it is only the data which really needs
to be backed up. If you create a folder structure which contains only data then only this
directory (plus any sub-directories of this directory) needs to be backed up.
Complete vs. incremental backups
• A complete backup means which you backup all the data on your computer. This has the
advantage that the entire hard disk can be backed up, but suffers from the disadvantage
that this process can take a long time if your computer contains a lot of data. An
incremental backup means that once a week you can perform a complete backup, but
every night for the rest of the week, you only backup files which have been newly
created or modified since the last backup, saving time. With the right backup software,
this process is automatic, and normally you only have to select full or incremental.
Why you should use 'off-site' storage?
• It is no good backing up your data only to leave the item which you backed up to next to
the computer; if someone steals your computer it is likely that they will also steal your
backups too. If you have a fire, then again you will lose your backups if the backups are
stored next to the computer. Ideally, backups should be stored off-site at a safe location.
At the very least, consider storing your backups in a fireproof safe, which will give some
protection against fire damage.
Beware of 'open files'
• You should perform backups at night. If you backup your computer during the day (when
you are using programs on the computer) then any program or data files which are in
use at the time of the backup will not be backed up. The backup program will skip these
'open' files.
1.7.1.4 Be aware of possible implications of theft of a laptop computer,
PDA, mobile phone such as: possible misuse of confidential files, loss
of files, loss of important contact details if not available on a separate
source, possible misuse of telephone numbers.
What if your laptop is stolen?
• If there was no start-up password then all the data on the computer could be at risk. The
same goes for important/sensitive documents; if these were not individually password
protected they could also be vulnerable. If you work within a large organisation, always
report an incident of this type immediately to your technical support department.
What if your mobile phone is stolen?
• Call your technical support department if working for a large organisation. If you work
alone, then call the phone network operator and report the phone as stolen.
1.7.2 Computer Viruses
1.7.2.1 Understand the term virus when used in computing and
understand that there are different types of virus. Be aware when and
how viruses can enter a computer system.
What are computer viruses?
• Viruses are small programs which hide themselves on your disks (both diskettes and
your hard disk). Unless you use virus detection software, the first time that you know that
you have a virus is when it activates. Different viruses are activated in different ways. For
instance, the famous Friday the 13th virus will activate only when it is both a Friday and
the 13th of the month.
BEWARE: Viruses can destroy all your data.
How do viruses infect PCs?
• Viruses hide on a disk and when you access the disk (either a diskette or another hard
disk over a network) the virus program will start and infect your computer. The worst
thing about a computer virus is that it can spread from one computer to another, either
via use of infected floppy disk, or over a computer network. The Internet allows you to
access files from all over the world and you should never connect to the Internet unless
you have a virus-checking program installed on your computer. It is vital to keep your
virus monitoring software up to date. Many anti-virus programs, such as Norton Anti
Virus allow you to update the program so that the program can check for recently
discovered viruses.
More Information:
McAfee Anti-virus software http://www.mcafee.com
Norton Anti-virus software http://www.symantec.com/avcenter
Dr Solomon anti-virus software http://www.drsolomon.com
How to prevent virus damage
• There are a number of third party anti-virus products available. The main thing about
your virus checker is that it should be kept up to date. Many companies supply updated
disks on a regular basis or allow you to receive updates automatically via the Internet.
To make a diskette read-only
• If you are using 3 1/2” diskette (floppy disk), there is a notch which can be opened or
closed which may be used to protect the disk. To protect the contents of the disk move
the notch to the open position (you should be able to see through the hole).
To password protect your computer
• You can set a power-on password on your computer. The mechanism for setting this will
vary from one computer to another, and is determined by the makers of the computer,
rather than by Windows. The advantage of a power-on password is that the computer
will not boot to Windows until you supply the correct password. This means that no one
else can play around with your computer and in the process accidentally infect it with a
virus.
1.7.2.2 Know about anti-virus measures and what to do when a virus
infects a computer. Be aware of the limitations of anti-virus software.
Understand what ‘disinfecting’ files means.
How do your protect computers from attack?
• The safest way to use a computer is to not connect it to a Local Area network or the
Internet. This is called a 'stand-alone' computer, providing that you do not use floppy
disks on that PC which have been used in other computers, this type of computer is
virtually immune from any form of intrusion.
• Unfortunately it is the ability to connect to other computers or indeed the Internet, which
makes the modern computer so versatile and so useful.
• Always make sure that all computers require an ID and password to access them. Make
sure that all relevant 'security patches' from Microsoft have been applied.
• Make sure that the password is long enough, contains a random mixture of numbers and
letters, and that the passwords are changed on a regular basis.
• There are many examples, where people have used passwords which relate to
something personal, such as a partner’s first name, the dog’s or cat’s name, etc. For a
determined, serious computer hacker, these are easy to guess. If you have a system,
where lots of different passwords are required to access the system, then security often
breaks down and computer users will sometimes keep a list of these passwords in their
disk. This defeats the whole object. If you forget your network access password, the
network administrator should be able to assign you with a new one.
What to do if you discover a virus on your computer
• If you discover a virus on your computer don’t panic. If your virus checker alerts you to a
virus, then the chances are that it has caught the virus before the virus could infect your
computer and cause damage. For instance you may insert a diskette into your computer
and the virus checker should automatically scan the diskette. If the diskette contains a
virus, a message will be displayed telling you that the diskette is infected, and it should
automatically remove the virus. The other common method of infection is via emails.
• If you work within a larger company, you should have a company IT support group which
will come and rid your computer of viruses. Be sure that you are familiar with your
company’s policy regarding viruses.
The limitations of anti virus software
• Anti virus software can only detect viruses (or types of viruses) which the software knows
about. As such it is vital that you keep your anti virus software up to date so that it can
detect new viruses which are constantly appearing.
What is virus disinfecting?
• Running a virus checker on a machine which contains a virus is known as disinfecting
the PC, as the virus program will detect, and then eliminate the virus.
1.7.2.3 Understand good practice when downloading files, accessing file
attachments, such as: use of virus scanning software, not opening
unrecognised e-mail messages, not opening attachments contained
within unrecognised e-mail messages.
Anti-virus Precautions
• You should have an anti-virus program installed on your computer. This should be
updated on a regular basis, so that the anti-virus program is aware of new viruses which
are in circulation. Even the best anti-virus program will only offer protection against
known viruses or viruses which work in a particular way. New types of viruses are
constantly being developed which may attack your computer in new and novel ways.
Your anti-virus program may not be able to defend you against every possibility. Be
warned, if you are connected to a Local Area Network (LAN), or to the Internet you are
vulnerable.
Make sure that your virus checker is configured so that as well as scanning your
computer for viruses when you first switch on your PC, it remains active in the
computer’s background memory, constantly looking for signs of virus attack. This is very
important when connecting to the Internet.
Take care when opening emails:
Be very cautious about opening unsolicited emails, especially if they contain file
attachments. A good anti-virus program should detect most threats from virus-infected
emails.
Beware of Internet Downloads:
Any file which you download from the Internet may in theory contain a virus. Be
especially careful about downloading program files (files with a file name extension of
.COM or .EXE). Microsoft Word or Excel files can contain macro viruses. Basically trust
no one when it comes to downloading files. Do not connect to the Internet unless you
have a good anti-virus program installed on your computer.

No comments:

Post a Comment