COMPUTER SYSTEM SECURITY AND DATA PROTECTION

Computer security is concerned with the protection of hardware, software, and data.

Physical (hardware) security

1. Hardware theft (computer theft): Is the act of stealing computer equipment.
Protecting/safeguarding against hardware theft

❖ Use lockable doors in computer rooms

❖ Use of burglar doors and windows
❖ Install alarm systems
❖ Use cables to lock equipment to desks

Preventing computer theft

❖ Educate staff about security

❖ Use serial numbers on computers
❖ Use of identity cards to enter secure places

2. System Failure: Is the prolonged malfunction of a computer.

Causes:
❖ Aging of hardware
❖ Natural disasters such as fire, floods etc
❖ Electrical power problems; under voltage, over voltage and spike

Preventing system failure

❖ Use surge protectors for power variations

❖ Use UPS (Uninterruptible Power Supply) for under voltage and blackouts (a complete power
failure). Or use Standby Power generators.
❖ Use smoke detectors and gas flooding systems rather than water system as water will damage
computers in case of fire.

Software security
1. Internet and network security risks
a) Computer virus: a potentially damaging computer program that affects, or infects a computer
negatively by altering the way the computer works without the user’s knowledge or
permission.
b) Worm: A program that copies itself repeatedly, using up resources and possibly shutting
down the computer/network.
c) Trojan horse: A program that hides within or looks like a legitimate program. It does not
replicate itself to other computers.
d) Spam Electronic junk mail or junk newsgroup postings. Some people define even more
generally as any unsolicited e-mail. Real spam generally e-mail advertising for some product
sent to a mailing list or newsgroup. In addition to wasting people’s time with unwanted email
spam also eat a lot of network bandwidth. Consequently, there many organizations, as well as
individuals who have taken it upon themselves to fight spam with a variety of techniques. But
because the internet is public, there is really little that can be done to prevent spam

Symptoms of an infected computer

a) Screens display unusual messages

b) Music or unusual sounds plays randomly
c) Available memory is less than expected
d) Existing programs and files disappear

1
 e) Files become corrupted
f) Programs or files do not work
g) Unknown programs or files mysteriously appear
h) System properties change
i) Operating systems runs much slower than usual

Ways of Infection
The computer gets infected when the user:
a) Opens an infected file
b) Runs an infected program
c) Boots the computer with an infected removable media inserted in a drive or plugged in a port
d) Connects an unprotected computer to a network.
e) Opens infected email attachment.

Methods of Protection
There is no 100% safe method. But users can take the following precautions:
a) Do not start a computer with removable media inserted in the drive or plugged in the ports
b) Never open email attachment unless you are expecting the attachment and it is from a trusted
source.
c) Install an antivirus program and update it regularly. E.g. AVG, MAcFee, Norton anti-virus,
Symantec anti-virus

Methods of Eradication
a) Start a computer with a clean recovery disk, then scan and remove virus from a computer with
an up to date antivirus program
b) Reformat the hard disk. (If the above has failed)
c) Delete the virus form the register

2. Unauthorized access and Use of the computer

Unauthorized access is the use of a computer or a network without permission

Unauthorized use is the use of a computer or its data for unapproved or illegal activities e.g.
playing games/music/videos in the lab, surfing the Net without permission and downloading
programs and files, and installing them

Preventions
a) Write a use policy that outlines the computer activities for which the computer may not be
used for.
b) Use Access Controls: It is a security measure that defines who can access a computer, when
they can access it and what activities they can take while accessing it. Access controls have a
two phase process called Identification and Authentication.
❖ Identification verifies that an individual is a valid user
❖ Authentication verifies that the individual is the person he/she claims to be.
The three methods of access control are:

i. Usernames and passwords

A username/User |ID is a unique combination of characters such as letters of the
alphabet or numbers that identifies one specific user.
A password is a private combination of characters associated with the user name that
allows access to certain computer resources.

ii. Possessed objects

These are items that you must carry to gain access to a computer/computer facility.
E.g. cards (ATM cards, smart cards), and badges.

2
 iii. Biometric devices
Biometric is the technology of authenticating a person’s identity by verifying a
personal characteristic such as your fingerprint.
Examples: fingerprint reader, voice verification system, iris recognition system
etc.
*Biometric devices are the best methods of access control because they cannot
be forgotten or misplaced are unique.

3. Software Theft
It occurs when someone:
a) Steals software media
b) Intentionally erases programs
c) Illegally copies a program
Software piracy is the unauthorized and illegal duplication of copyrighted software.

Preventing software theft

a) Keep original medias in a safe location
b) Keep regular back ups of files and disks
c) Issue users license agreement( he right to use the software)

**Firewall is a hardware/software that protects a networks resource from intrusion by user on another network such
as internet.
Personal fire wall is a utility program that detects and protects a personal computer and its data from unauthorized
intrusions.
Firewalls are used to prevent unauthorized internet users from accessing private networks connected to the internet,
especially intranets.

Data security
Data security is steps or measures taken to ensure that data is secure from corruption, unauthorized access and
misuse.

The reasons why we need to protect data are:

• Bad business decisions
• Failure to receive payments
• Cash flow problems
• Late delivery of goods
• Bad publicity from the press
• Loss of goodwill from customers

Methods of security of data

I. Passwords: They allow computer access to only authorized persons.
Types of passwords include:
• Logon password: Password that allows the user access into the computer at the time the computer
is switched on.
• Access password: Password that allows access to a particular file/folder. This is when a user has
logged on to a computer.

Rules to consider when selecting a password

Change passwords regularly
Never write down your password
Do not use obvious names as your passwords e.g. surname, your first name,

3
 Do not use obvious passwords e.g. access, pass, enter, go in, etc

Characteristics of a strong password

• It must be long with at least 8 characters
• It must contain a combination of characters, i.e. letters and numbers.
• It must contain both (capital letters) uppercase and (small letters) Lowercase.
Examples: 2uMYluvd1, OnKAgeLEtse93.

II. Write Protecting Storage Medias

Write protecting storage medias would mean that data can not be written to or deleted from a storage media.
The common way of losing data is when a user deletes a file by mistake.
Examples of storage medias with write protection: Compact Disk Read only (CD R), Memory Stick with a
write protect lock.

III. Encryption
Encryption is the process of converting readable data into unreadable characters to prevent unauthorized
access.
Plaintext is unencrypted, readable data.
Ciphertext is encrypted (scrambled) data.
Decrypt is the process of converting encrypted data into plaintext.
Encryption key is a programmed formula that the recipient of the data uses to decrypt ciphertext.

Methods of encryption
a. Transposition: Switch the order of characters.
Example:
Plaintext Ciphertext Explanation
Software ostfawer Adjacent characters swapped

b. Substitution: Replace characters with other characters.

Example:
Plaintext Ciphertext Explanation
Information Jogpsnbujpo Each letter replaced with another

c. Expansion: Insert characters between existing characters

Examples:
Plaintext Ciphertext Explanation
User Uysyeyry Letter y inserted after each
character

Computer Crime

Computer crime is illegal act involving a computer. Computer crime exists due to the growth of information
systems, the move away from cash transactions and the ease with which transactions now take place.

Types of Computer Crime

1. Hacking – is the breaking into a computer by connecting to it and then logging in as a legitimate user.
2. Use of computer time for non-company purposes – when an employee uses company resources for
personal gain.
3. Software theft/Software piracy – is the unauthorized and illegal duplication of copyrighted software.
And
4. Hardware theft – is the act of stealing computer equipment and destroying computer equipment.
5. Information theft – occurs when someone steals personal or confidential information.
6. Electronic fraud – is the use of computer or communication system to commit fraud for financial gain.

4
 7. Credit card fraud

Protecting against computer crime

1. Checking via phone of special terminal whether a credit card was stolen, make people key in their
Personal Identification (PIN) or using fingerprint.
2. The Copyright, Designs a Patents Act makes it a criminal offence to copy or steal software.
3. Implementation of the Computer Misuse Act which maid it a criminal offence for anyone to access or
modify computer-held data or software without authority or to attempt to do so.
4. Most firms have introduced stringent precautions to ensure the security of their computer systems, and
indeed under the provision of the Data Protection Act they are legally required to do so.
5. Encryption of data and information
6. The use of firewall.

Back-up data
All micro-computers will suffer from at least one disk failure in their life time. It is therefore important to back-up
data

• A backup file is a copy of the original file which is kept in case anything happens to the original file then it
can be used to restore the data
o Can be kept on a floppy or a different hard disk
o Can be kept on a backup data tape
• Archive files are kept in long term storage in case they are required.
o Often from a back up data tape
• Back-up systems often use:
o Grandfather – Father – Son principal

Rules of back-up
i. Make two copies of back-up data on the hard disk
ii. Never keep back-up data near the computer
iii. Make two copies back-up data, one kept on site-in the office and another off site-outside the office.
iv. Most critical important data should be kept in a fire proof safe.

DATA SECURITY AND INTEGRITY

• Data Integrity is concerned with the correctness of data

There are a number of ways that errors can be introduced to a document:
- Misreading when typing from a source document
- File corrupt due to viruses
Thus data integrity looks for such mistakes
Other errors occur when:
-data is transmitted from one computer to another
-there are bugs in software
-There is hardware malfunction
-There is a natural disaster such as fire, and floods
- The computer is infected with viruses

Ways of minimizing these threads to data integrity

• Backup data regularly
• Control access to data via security mechanisms
• Design user interfaces that prevent the input of invalid data
• Use error detection and correction software

Data Security is concerned with keeping data from hazards that could destroy it.
e.g. viruses

5
DATA PROTECTION ACT

1. This act is based on the protection of personal data. The principle states that personal; data shall not be processed
until one of the following conditions are met:

• The owner of the information has given permission for the data to be processed
• The data controller has legal obligation to process the data
• The processing is necessary for the administration of justice or a gover5nment department.

2. Personal data shall be obtained for the specified or lawful purpose and can only be processed for the duty it has
been collected for.

3. Personal data shall be adequate, relevant and not excessive for the purpose it has been collected for.

4. Personal data shall not be kept for a period more than it was required for…

Type Definition Benefits Drawbacks

Restoration is fast, since you The backing up process is

A complete backup of everything you want to
Full Backup: only need one set of backup slow.
backup.
data. High storage requirements.

The backup software looks at which files have

changed since you last did a full backup. Then
creates copies of all the files that are different
Faster to create than a full
from the ones in the full backup. Restoration is slower than
backup.
using a full backup.
If you do a differential backup more than once, it
Differential Restoration is faster than
will copy all the files, or parts of files that have Creating a differential
Backup: using incremental backup.
changed since the last full backup, even if you backup is slower than
already have identical copies of those files in a creating an incremental
Not as much storage needed
previous differential backup. backup.
as in a full backup.
For restoring all the data, you will only need the
last full backup, and the last differential backup.

Restoring from
The backup software creates copies of all the incremental backups is the
files, or parts of files that have changed since slowest because it may
previous backups of any type (full, differential require several sets of data
This method is the fastest
or incremental). to fully restore all the data.
when creating a backup.
Incremental For example if you had a
Backup: For example if you did a full backup on Sunday. full backup and six
The least storage space is
An incremental backup made on Monday, would incremental backups. To
needed.
only contain files changed since Sunday, and an restore the data would
incremental backup on Tuesday, would only require you to process the
contain files changed since Monday, and so on. full backup and all six
incremental backups.