Professional Documents
Culture Documents
ICT
ICT
COMPUTER VULNERABILITY
Organisations must ensure their information systems are secure against various hazards,
both natural and man-made. Computer vulnerability is a weakness or flaw in one or more
computer systems, or connectivity to them, which can be used to gain access and damage
the system or its data. It includes hardware, software, data communications and users.
Vulnerabilities of systems and their data can be classified as external and internal. External
sources include natural disasters, lack of protection from electrical power surges and
spikes, and terrorist activities. Internal sources include errors by employees, no backup
procedures in place, hardware and software not kept in locked rooms, lack of anti-virus
programs, former employees whose passwords and security information have not been
removed from the system, and employees who attempt to fraudulently obtain money using
the company’s name.
DELIBERATE DAMAGE
Hacking is the unauthorised access and use of networked or stand-alone computer systems
to steal or damage data and programs. Deliberate damage can occur when security
monitoring is not enforced. Network access logs should be maintained by network
administrators to observe the resources being used and the time of their logging in and
logging out. Software access restrictions are necessary to ensure system security is
maintained.
ACCIDENTAL DAMAGE
Accidental damage to computer data can occur through errors by users, as well as viruses
transferred from secondary storage devices or the Internet.
DATA COMMUNICATIONS
Cyber security focuses on stopping threats that attempt to access a computer or other
systems in the network via the Internet. It protects the network by maintaining logs on
attacks and attempted breaches, monitoring sources of attacks and protecting against
future ones. Cyber threats are unauthorised attempts to access a system, device and/or
network via the Internet.
Countermeasures are physical or logical procedures that reduce or eliminate a threat. Data
protection refers to computer users who can protect their data against loss or damage, and
data protection laws set down rules about what information can be kept by others. These
measures should be taken to prevent or minimise threats.
SURVEILANCE
Computer surveillance involves the use of technology to gather information from the user
and from the computer, often without the user’s knowledge. Common approaches to
physical security include closed-circuit TV monitors, electronic alarm systems, computer-
controlled locks, biometric recognition, and access codes. However, there are some negative
consequences of computer surveillance, such as loss of privacy for the user, lack of security,
potential misuse of information, difficulty in determining the source and scope of
surveillance activities, and limited measures to prevent computer surveillance. There are
several techniques for surveillance, including monitoring software and hardware devices.