Computer Security

-Data, software and hardware have to be protected from various hazard or dangers
-These hazards can be natural or manmade
- Computer security is concerned with taking care of hardware, software and data

Security Threats to computer systems

i) Theft
ii) Dust and extreme temperature
iii) Fire and lightning
iv) Viruses
v) Hackers
vi) Hardware failure
vii) Software failure
viii) Electrical faults

Physical safeguards

1 Protecting computers from theft

i. Keep a note of all computer serial numbers, this can help identify stolen
equipment
ii. Use locks on doors and burglar bars on windows
iii. Use alarm systems
iv. Have few entrances to buildings
v. Use security badges
vi. All staff should be made aware of security and encouraged to question suspicious
behavior
vii. Keep backup copies and store them away from the computer

2 Protecting computers from fire

-Use fireproof doors these can contain fires

-Use smoke detectors, which can detect fire early
-store fire extinguishers close by

3 Protecting computers from dust and extreme temperatures

- Have an air conditioner installed
- Use curtains to avoid direct sunlight on hardware
- Cover your equipment after use

Software safeguards
Using antivirus
They prevent computer viruses from entering the computer system
Viruses damage computer files or copy and steal information from the computer

File level passwords

=discipline determination and hard work bears success= Sir Chambiro

They restrict access to individual files to those who have appropriate access permissions and
passwords

Usernames and passwords

Usernames and passwords allow authorised users into the computer system and those
unauthorised are forbidden to use the system.

Firewall
This is software or hardware or combination of both that filters the information coming
through the internet connection into the computer or network. Firewalls prevent unauthorised
users from gaining access. Some firewalls bock cookies, pop ups and spam (junk mail)

Data encryption
Is used so that if data is accessed by unauthorised persons it cannot be understood. Encrypted
data is scrambled during storage and transmission so that it cannot be understood by someone
without the encryption key to unscramble it.
Access permissions
Allow access to data but only to the minimum number of people who need it. Others are
blocked from accessing the data.

4 Virus
-A computer virus is a program that disrupts the functioning of the computer
-Mischievous programs the purpose of which is to disrupt the sensible use of computers
- a program designed to enter your computer and temper with your files without
your knowledge

What Viruses Do? Signs and symptoms of an of an infected computers

➢ Reduced memory
➢ Files are overwritten are damaged
➢ Data may be corrupted
➢ Slower system operations
➢ Reduced memory or disk space
➢ Files are overwritten or damaged
➢ Hard drive may be erased
➢ Data is modified /corrupted.
➢ Change files & date stamp

➢ Drive lights blink without reason

➢ Longer times are experienced when loading programs
➢ Slower system operation.

How are computers infected with viruses?

➢ Use of infected floppy diskettes on uninfected computers. Floppy disks or other media
that users can exchange.
✓ Downloading unknown files, when your computer is connected to the Internet.
✓ Opening an E-mail attachment. Email attachments.

=discipline determination and hard work bears success= Sir Chambiro

 ✓ Accepting unknown program installations from the internet
✓ Use of network files/direct connection/through networks.
✓ Software piracy [buying software from unauthorized agents]. Pirated software.
✓ Booting a PC from an infected medium.
✓ Executing an infected program.
✓ Opening an infected file.
✓ Shareware.

Measures taken to protect data from viruses

➢ Install a reliable ant virus software
➢ Never download unknown email attachments
➢ Scan all disks before use
➢ Avoid software piracy thus buy software from authorised dealers
➢ Boot the system from virus free disks
➢ Use write protect tab on floppy disks

Examples of Anti virus packages/software

1. Dr Solomon’s antiviral package
2. Norton Antivirus package
3. AVG Antivirus package
4. AVAST!
5. McAfee VirusScan
6. Eset Nod32
7. Avira
8. Panda Titanium
9. Windows defender
10. BitDefender

5 Protecting computers from hackers

-a hacker is an unauthorised user of a computer system who has broken into the computer
system.
This might be done by discovering a valid username and its associated password or by
bypassing them.
-hacking is an illegal activity
Computers can be protected from hackers by:
-Data encryption/Decryption
-Use of passwords

6 Protecting data from hardware failure

-Have spares in the warehouse

-Do regular servicing
-Have a disaster plan
-Run a hardware diagnostics frequently

7 Protecting computers from software failure

-Buy software from reputable vendors

=discipline determination and hard work bears success= Sir Chambiro

-Do regular backups
-Software diagnostics

8 Protecting computers from electrical faults

-Have standby generators
-Install UPS (uninterrupted power supply)
-Install surge protectors

Summary

Measures to ensure data security

1. Data encryption/decryption
2. Use of firewall- This is a program designed to prevent unauthorised access to
a computer or network
3. Use of usernames and passwords
4. Use of ant virus packages
5. Backing up files regularly
6. Keeping backup copies in a different location and making about three
generations of backup
7. Saving work frequently
8. Authorised entry to computer installations- this could be through use of card
readers, voice recognition systems, or keypads on doors that prohibit
unauthorised personnel.
9. Installing fire alarms
10. Lining computer rooms with fire resistant material
11. Use of locks on doors and burglar bars on windows
12. Having a security guard 24 hrs a day

Data integrity
–This is the process of making sure that data entered into the computer is correct
- This is done through verification and validation checks

Computer crime/fraud

- These are criminal actions accomplished through the use of computer systems e.g improper
transfer of funds from one account to another

Types of computer fraud/ crimes

1. Software piracy- this is illegal copying of software

2. Hacking- gaining illegal access to a computer system
3. Intellectual crime- cracking into a computer system for the purpose of
transferring or obtaining funds is a typical example
4. Writing and spreading computer viruses or worms
5. Manipulation of computer records

=discipline determination and hard work bears success= Sir Chambiro

 6. Salami slicing- This is the practice of stealing money repeatedly in small
quantities
7. Making and digitally distributing child pornography
Phishing
Phishing is done by sending a fraudulent email e-mail that pretends to be from bank or
another reliable source.
In the email you are asked to send personal information eg usernames, passwords
These are used for identity theft

What is identity theft?

Identity theft is the deliberate use of someone else's identity, usually as a method to gain a
financial advantage or obtain credit and other benefits in the other person's name, and perhaps
to the other person's disadvantage or loss

Pharming
Pharming is a scam in which malicious code is installed on a computer hard disk or a server.
This code has the ability to misdirect users to fraudulent websites, usually without their
knowledge or consent.
Whereas phishing requires an email to be sent out to every person who has been targeted,
pharming does not require emails to be sent out to everybody and can therefore target a much
larger group of people much more easily. Also, no conscious action needs to necessarily be
made by the user (such as opening an email), which means the user will probably have no
idea at all that have been targeted. Basically,
pharming works like this:
A hacker/pharmer will first infect the user’s computer with a virus, either by sending an email
or by installing software on their computer when they first visit their website. It could also be
installed as part of something the user chooses to install from a website (so the user doesn’t
necessarily have to open an email to become infected). Once infected, the virus would send
the user to a fake website that
looks almost identical to the one they really wanted to visit. Consequently, personal
information from the user’s computer can picked up by the pharmer/hacker.
Certain anti-spyware, anti-virus software or anti-pharming software can be used
to identify this code and correct the corruption.

Spam
Spam is electronic junk mail and is a type of advertising from a company sent out to a target
mailing list. It is usually harmless but it can clog up the networks, slowing them down, or fill
up a user’s mail box. It is therefore more of a nuisance than a security risk. Many ISPs are
good at filtering out spam. In fact, some are so efficient that it is often necessary to put
legitimate email addresses into a contacts list/address book to ensure that wanted emails are
not filtered out by mistake.

Spyware
Spyware is software that gathers user information through their network connections without
them being aware that this is happening. Once spyware is installed, it monitors all key presses
and transmits the information back to the person who sent out the spyware. This software also
has the ability to install other spyware software, read cookies and even change the default
home page or web browser. Anti-spyware
can be used to search out this software and correct the corruption.

=discipline determination and hard work bears success= Sir Chambiro