Data security refers to protecting data from loss or unauthorized access. Key threats include system crashes, malware, hacking, and human error. Methods of securing data include passwords, access controls, backups, encryption, firewalls, and physical security of devices and facilities. Software security focuses on authentication of authorized users and protection from malware through antivirus software and firewalls.
Data security refers to protecting data from loss or unauthorized access. Key threats include system crashes, malware, hacking, and human error. Methods of securing data include passwords, access controls, backups, encryption, firewalls, and physical security of devices and facilities. Software security focuses on authentication of authorized users and protection from malware through antivirus software and firewalls.
Data security refers to protecting data from loss or unauthorized access. Key threats include system crashes, malware, hacking, and human error. Methods of securing data include passwords, access controls, backups, encryption, firewalls, and physical security of devices and facilities. Software security focuses on authentication of authorized users and protection from malware through antivirus software and firewalls.
Data security refers to protecting data from loss or unauthorized access. Key threats include system crashes, malware, hacking, and human error. Methods of securing data include passwords, access controls, backups, encryption, firewalls, and physical security of devices and facilities. Software security focuses on authentication of authorized users and protection from malware through antivirus software and firewalls.
Download as DOCX, PDF, TXT or read online from Scribd
Download as docx, pdf, or txt
You are on page 1/ 7
DATA SECURITY
Data security refers to protecting data from destructive forces and unwanted actions of unauthorized users. Data needs to be protected from loss through accidental or malicious deletion, virus attacks hard disk or system failures, unauthorized access etc.
THREATS AND HAZARDS TO DATA
The following are among the threats to data security: 1. Data may get lost or damaged during a system crash - especially one affecting the hard disk 2. It can be corrupted as a result of faulty disk drives, or power failures 3. It can be lost by accidental deletion or overwriting of files 4. It can be lost or become corrupted by computer viruses 5. It can be hacked into by unauthorized users and stolen, deleted or altered 6. It can be destroyed by natural disasters, acts of terrorism, or war 7. It can be deleted or altered by employees wishing to make money or take revenge on their employer
METHODS OF SECURING DATA
i) Use of passwords (Access Authentication): A password is a secret word or string of characters that is used for user authentication/verification before the user can gain access to data. The password should be kept secret from those not allowed access. Passwords are used together with usernames by users in a log-in process that controls access to protected system data.
ii) Right of Access
This refers to the authorization you have to access different data files. Right of access helps determines who has the right to do what in relation to certain data or information. For example, database administrators may be able to remove, edit and add data while a general user may not have the right to do the same. Right of access in an organization is usually given/ specified by the system or database administrators. iii) Logs and Audit trails: An audit trail is a record showing who has accessed a computer system, when and what operations he or she has performed during a given period of time. An audit trail can also maintain a record of activity by the system itself. Audit trails are useful both for maintaining data security and for recovering lost transactions.
iv) Anti-virus programs
These are software used to prevent, detect and remove malicious software such as viruses which can interfere with or lead to the loss of data stored on a computer. Examples of anti-virus software include Norton, AVG, Kaspersky etc.
v) Encryption: This is the process of encoding (convert into a coded form) information stored on a device especially where the data is stored on a portable device or transmitted over a public network. The key to decrypt the data should be kept securely.
vi) Firewalls: A firewall is a software or hardware-based network security system that prevents unauthorized access to or from a private network. Such a system is very important where there is any external connectivity, either to other networks or to the internet.
vii) Physical Security:
This includes locking of offices and use of alarms, keeping computers or database servers in strong-rooms, use of security cameras and employing security guards where necessary.
viii) Data Protection Act
This refers to an Act of Parliament enacted to regulate the collection, processing, storage/keeping, use and misuse and disclosure of information relating to individuals that is processed automatically. The Act created a Commission-Freedom of Information Commission of Kenya-with the mandate of ensuring the implementation of the Act, to receive complaints regarding violations of the Act, institute legal proceedings and settlement concerning such violations. The Act, however, only applies to personal information held by public authorities and excludes private bodies.
The act contains eight data protection principles. The principles specify that personal data must be: i) Processed fairly and lawfully
ii) Obtained for specified and lawful purposes
iii) Adequate, relevant and not excessive
iv) Accurate and up to date
v) Not kept any longer than is necessary
vi) Processed in accordance with the individual’s rights
vii) Securely kept
viii) Not transferred to any other country without adequate protection.
ix) Data Back-up This refers to the copying and archiving of computer data in a secure location so that it may be used to restore the original data after a data loss event occasioned by either accidental or malicious deletion, system failure, virus attack, data corruption or natural disasters.
HARDWARE SAFETY Hardware safety protects the machine and peripheral hardware from theft and from electronic intrusion and damage. Hardware safety can be ensured through:
a) Safety Against Theft
Computers are very valuable and relatively portable they and can easily be stolen which would be made worse by the loss of the valuable data stored on them. Physical safety should be put in place such as locking the rooms, installing alarm systems and Closed Circuit Television Cameras (CCTV) where they are kept to prevent theft. The computers can also be bolted to benches or cabinets in order to make theft difficult.
b) Protection from Power Interruptions
The power delivered to computers should be stable and constant but sometimes fluctuations in power supply occur. For example, voltage surges and spikes, a blackout or brownout can cause a computer to shut down abruptly. Information that is stored only in short-term memory will be lost. As well, the fluctuation can physically damage computer components such as the power supply unit. Computer systems can be protected from such interruptions through:
i) Use of uninterruptible Power Supply (UPS)
A UPS is a device that allows a computer to keep running for at least a short time after the primary power source is lost. The device also provides protection against power surges and drops.
ii) Use of power surge protectors/suppressors
A surge protector or suppressor is an appliance designed to protect electrical devices from
voltage spikes caused by events like lightning strikes and short circuits. Voltage spikes might damage a computer’s electronic parts, melting plastic and metal parts or even corrupting the data stored on the computer. Surge protectors limit the voltage supplied to a device by either blocking the unwanted voltages or by shorting the voltages to ground.
c) Environmental Safety Computers also require the right balance of physical and environmental conditions to operate properly. Measures should be put in place to protect computers from fire, smoke, dust, excessive temperatures, high levels of humidity and electrical noise such as from motors. Such measures include installation of climate control systems and dehumidifiers, fire fighting systems etc.
d) Other physical measures include the disabling of USB ports or CD ROM Drives, installation of drive locks and case intrusion detection. This will help in protecting against unauthorized copying and transfer of data as well as preventing infection of the computer with viruses through portable storage devices such as pen drives.
SOFTWARE SAFETY Logical/Software Safety consists of software safeguards for a system, including user identification mechanisms and safety software. These measures ensure that only authorized users are able to perform actions or access information in a network or a workstation.
Elements of logical safety include:
a) Biometric authentication
Biometric authentication is the use of a user’s physiological features to confirm their identity before they are allowed access to a computer system. These features include software that verify user identification through fingerprints, eye retinas and irises, voice patterns, facial bone structure etc.
b) Token authentication
Token authentication comprises safety tokens which are small devices that authorized users of computer systems or networks carry to assist in identifying them as they log into the system. They include smart cards or small USB drives with built-in code generators and are inserted to the computer through USB ports.
c) Password authentication
This method uses secret data e.g. strings of character to control access to a system and is normally used together with usernames. The passwords are either created by the user or assigned by system administrators.
d) Access Rights e) Audit Trails f) Use of Safety Software
Safety software refers to any computer program whose purpose is to help secure a computer system or a computer network. Types of safety software include Antivirus software, Anti-key loggers, Anti-Spam software, Firewall systems etc
Examples of malicious codes include:
o viruses
A virus is a malicious program that replicates itself and spreads from one computer to another. They attach themselves to existing programs in order to spread. Viruses almost always corrupt or modify files on a targeted computer.
o Trojan horses
This is a type of malware (malicious software) that gains privileged access to a
computer system while appearing to perform a desirable function but instead installs a malicious code that allows unauthorized access to the target computer. They usually come as free software offers in some websites which users download and install on their machines.
o Worms
Worms are malware that spread themselves to other computers using computer networks and do not need to attach themselves to existing software. They harm networks by consuming bandwidth (by increasing network traffic etc) but do not attempt to change the systems they pass through.
o Rootkits
A rootkit is a type of malicious software that is activated each time your system boots up. Rootkits are difficult to detect because they are activated before the Operating System has completely booted up. A rootkit often allows the installation of hidden files, processes, hidden user accounts, and more in the systems OS.
Keyloggers
This is a type of malware that records (or logs) the keys struck on a keyboard, usually in a covert manner so that the person using the keyboard is unaware that their actions are being monitored and then the information is transmitted to the originators.
Anti-virus software include Norton, AVG, Kaspersky, MacAfee, Avast etc. These software programs are meant to prevent, detect and remove malicious software from computer systems. g) Firewalls A firewall is software or hardware-based network safety system that controls the incoming and outgoing network traffic by analyzing the data packets and determining whether they should be allowed through or not, based on set rules.
