Information & Communication Technology 1996-2003

GCSE Revision


Security

Methods are needed to protect computer system and the data they contain both from theft or damage by malicious persons and from accidental loss or damage during normal use.

Together with a whole armoury of methods there are internationally agreed laws to help protect systems and data. To find out more, do a search for the following:

  • Data Protection Act 1984
  • Computer Misuse Act 1990

Usernames - to provide each user with their own area on the hard disk to store work; to restrict access to the rest of the system; to prevent them from deleting or installing programs and other files; to prevent them from changing the way the computer is set up.

Passwords - a secret combination of letters and/or numbers known only to the user to protect their own work files from tampering by other users. Similarly, cash-point cards have a personal identity number (PIN) to prevent other people using the card. There is usually a restriction on the number of attempts allowed.

Modems - should be disconnected either from the computer or from the telephone line when not being used. This is the only way in for external hackers.

Backup copies - Work files can be lost or damaged by system faults, malicious damage or by the user making mistakes. Multiple copies should be kept, by saving at significant stages in the development of the work, using sequentially named files. They should be backed up at the end of the work session by making copies onto a floppy disk. Really sensitive work could then be deleted from the hard disk. The floppy disk can be taken away and kept securely by the owner in a safe place. Files on a network server should be backed up onto a tape every night - normally a separate tape for each day of the week so that there is more than one current copy.

Floppy disks - The write-protection hole in the corner of the floppy disk should be kept covered to prevent accidental wiping of the disk or the introduction of viruses. The disk must be kept clean, dry and away from magnetic fields or places where it might be physically damaged.

Malicious Software - these are computer programs written by very clever but misguided, destructive people. (This should not be confused with software bugs which are mistakes or errors in a program that might cause it to crash unexpectedly - nothing's perfect!).

There are three main categories of malicious software:

Computer viruses -  act in a similar way to living viruses (which take over the cells of a host organism and change their behaviour). Once introduced into a computer, via a floppy disk, email or the Internet, a virus will attach itself to a system file or program. It then reproduces and spreads to other programs on your hard disk and eventually onto all of your floppy disks. They can alter the host program to make it do strange things or to stop it working completely, some can cause the whole hard disk to become scrambled. Also, as with living viruses, they can wait quietly for months or even years until certain conditions occur before they act - the "Friday the 13th" and "AIDS" viruses being obvious examples. They can also disguise and mutate themselves so that it becomes difficult for anti-virus software to detect and destroy them.

Computer worms are small programs that reproduce rapidly and spread throughout the system (just like intestinal worms). Unlike viruses, they do not infect actual programs but simply do undesirable things by themselves and fill up the hard disk until there is no space left for the computer to use. A whole network system will slow down and eventually stop working if its server's hard disk becomes infected.

A Trojan Horse, (like the one used to attack the Greek city of Troy) is a program that pretends to be something it is not. It will load instead of the expected program and do something unwanted, like sending your password or bank account details to someone, before loading the real program. The unsuspecting user may not know what is happening, before it is too late. Unlike viruses and worms, Trojans do not reproduce themselves.

Methods of protection:

  • Never use a floppy disk given to you from an untrustworthy source or pass floppy disks around between your friends.
  • Never start up a computer with a floppy disk left in the drive.
  • Keep the write-protection hole covered on floppy disks that are used to store original "clean" programs - so they can be reinstalled with confidence.
  • Never open an email attachment that comes from someone unknown or is not clearly explained in the email message.
  • Install a virus protection program on your hard disk - this will detect known viruses and typical virus activities. It may also "inoculate" programs so that any changes can be detected as soon as they occur. If the virus is a known one it may be removed from the file, otherwise the infected file is "quarantined" for deletion before the virus can spread.

Hardware security - protecting the computer itself by locks on doors and windows to the room; using security bolts to fix the computer permanently to the desktop; removing the keyboard and locking it away in a cupboard at night or using the lock and key provided on most modern computers.

The Data Protection Act - became law in July 1984 to prevent personal information stored on computer from being made freely available to anyone anywhere in the world. You also have the right to see such information and have any errors corrected. The act does not apply to data related to national security, crime detection, immigration, salaries and income tax.

Hacking - is the attempt by an unauthorised person to obtain entry into a computer system in order to interfere with the programs or data that are stored there. This is illegal and can result in a heavy fine and prison sentence. To reduce the chances of this happening the following measures should be taken:

  • change passwords regularly, using passwords with at least six characters and that have no meaning which would make them easy to guess.
  • have an automatic lockout if a password is wrongly entered more than three times. This will prevent access by password guessing software.
  • disconnect a modem if the computer system is left on and unused overnight.

BackUp Page last updated 30/03/2002 I.D.Lee, Didcot Girls' School
All rights reserved. The original material provided on this site may not be copied or redistributed without written consent but please feel free to add a link to this site from your own website.