Usernames - to provide
each user with their own area on the hard disk to store work; to
restrict access to the rest of the system; to prevent them from
deleting or installing programs and other files; to prevent them
from changing the way the computer is set up.
Passwords - a secret
combination of letters and/or numbers known only to the user to
protect their own work files from tampering by other users.
Similarly, cash-point cards have a personal identity number (PIN)
to prevent other people using the card. There is usually a
restriction on the number of attempts allowed.
Modems - should be
disconnected either from the computer or from the telephone line
when not being used. This is the only way in for external hackers.
Backup copies - Work
files can be lost or damaged by system faults, malicious damage
or by the user making mistakes. Multiple copies should be kept,
by saving at significant stages in the development of the work,
using sequentially named files. They should be backed up at the
end of the work session by making copies onto a floppy disk.
Really sensitive work could then be deleted from the hard disk.
The floppy disk can be taken away and kept securely by the owner
in a safe place. Files on a network server should be backed up
onto a tape every night - normally a separate tape for each day
of the week so that there is more than one current copy.
Floppy disks - The
write-protection hole in the corner of the floppy disk should be
kept covered to prevent accidental wiping of the disk or the
introduction of viruses. The disk must be kept clean, dry and
away from magnetic fields or places where it might be physically
damaged.
Malicious
Software - these are computer programs written by very clever but misguided,
destructive people. (This
should not be confused with software bugs which are mistakes or errors in a program that might cause it to crash
unexpectedly - nothing's perfect!).
There are three main
categories of malicious software:
Computer viruses -
act in a similar way to living viruses (which take over the cells of a host organism and change their
behaviour). Once introduced into a computer, via a floppy disk,
email or the Internet, a virus will attach itself to a system file or
program. It then reproduces and spreads to other
programs on your hard disk and eventually onto all of your floppy
disks. They can alter the host program to make it do strange
things or to stop it working completely, some can cause the whole
hard disk to become scrambled. Also, as with living viruses, they
can wait quietly for months or even years until certain
conditions occur before they act - the "Friday the 13th"
and "AIDS" viruses being obvious examples. They can also disguise and
mutate themselves so that it becomes difficult for anti-virus software to detect
and destroy them.
Computer worms are
small programs that reproduce rapidly and spread throughout the system (just
like intestinal worms). Unlike viruses, they do not infect actual programs but
simply do undesirable things by themselves and fill up the hard disk until there
is no space left for the computer to use. A whole network system will slow down
and eventually stop working if its server's hard disk becomes infected.
A Trojan Horse,
(like the one used to attack the Greek city of Troy) is a program that pretends
to be something it is not. It will load instead of the expected program and do
something unwanted, like sending your password or bank account details to
someone, before loading the real program. The unsuspecting user may not know
what is happening, before it is too late. Unlike viruses and worms, Trojans do
not reproduce themselves.
Methods of
protection:
- Never
use a floppy disk given to you from an untrustworthy
source or pass floppy disks around between your friends.
- Never
start up a computer with a floppy disk left in the drive.
- Keep
the write-protection hole covered on floppy disks that
are used to store original "clean" programs -
so they can be reinstalled with confidence.
- Never open an email
attachment that comes from someone unknown or is not clearly explained in
the email message.
- Install
a virus protection program on your hard disk - this will
detect known viruses and typical virus activities. It may also "inoculate"
programs so that any changes can be detected as soon as
they occur. If the virus is a known one it may be removed from the file,
otherwise the infected file is "quarantined" for deletion before the virus can spread.
Hardware security -
protecting the computer itself by locks on doors and windows to
the room; using security bolts to fix the computer permanently to
the desktop; removing the keyboard and locking it away in a
cupboard at night or using the lock and key provided on most
modern computers.
The Data Protection Act
- became law in July 1984 to prevent personal information stored
on computer from being made freely available to anyone anywhere
in the world. You also have the right to see such information and
have any errors corrected. The act does not apply to data related to national security, crime
detection, immigration, salaries and income tax.
Hacking - is
the attempt by an unauthorised person to obtain entry into a
computer system in order to interfere with the programs or data
that are stored there. This is illegal and can result in a heavy
fine and prison sentence. To reduce the chances of this happening
the following measures should be taken:
- change
passwords regularly, using passwords with at least six
characters and that have no meaning which would make them
easy to guess.
- have
an automatic lockout if a password is wrongly entered
more than three times. This will prevent access by
password guessing software.
- disconnect
a modem if the computer system is left on and unused
overnight.