Professional Documents
Culture Documents
IT Is Gr8! at Grade 11 - Module 1.3 (Computer Management)
IT Is Gr8! at Grade 11 - Module 1.3 (Computer Management)
• We need to protect data against loss, but we also need to ‘protect’ its
accuracy.
Category of threat to data:
Unauthorised access to data
• Unauthorised physical access
• Hackers and crackers
• White-, Grey- and Black hat
• What does the law say?
• Why do people hack?
Category of threat to data:
Malware threats
• Malware (Malicious software) – Definition
• Virus: attaches to file, spreads, activated by user
• Computer worm: can spread without the help of a user, e-mails itself to
everybody, uses memory/bandwidth
• Spyware: keyloggers are dangerous spyware that record what you do and
reports back to a 3rd party
• Trojan: disguised as a useful program
• Rootkit: collection of programs, infiltrates and controls computer by gaining
administrator rights
Category of threat to data:
Human issues
• Neglecting backup
Software issues
• Software bugs
• GIGO
ACTIVITY 1
Complete activity
What can we do?
Backup, backup, backup ….
• Disc imaging
• Backup software
• Scheduled
• Incremental
• Compressed
• Online backup
• Dropbox, SkyDrive, Box
• Tips
• Backup only data
• Auto or schedule
• External devices
• Archive
• Confirm that backups work
What can we do?
Restricting access to data
• Physical measures
• Access control
• Lock it up!
• Biometric devices
• Software measures
• Strong passwords
• Rights and permissions
• Encryption
• Substitution code, Ceasor
• PGP
• Longer encription key
• SSL
• 128 bit key
• 2128 possibilities
• 3 000000000000000000000000000000000
What can we do?
Reducing malware threats
• Anti-malware
• Anti-virus
• Anti-spyware
• Update!!!
• Operating System updates
• Software updates
• Firewalls
• What are they?
• Firewall software
• Firewall hardware
What can we do?
Reducing the ‘human risk’ factor
• Precautions – use common sense
• Precautions when you are online
• Personal information, hyperlinks, meeting in person, websites’ privacy
notices, use secure sites, phising emails, privacy settings in browsers, privacy
settings on social networking sites.
• Avoid social engineering
• Be cautious, protect personal information, look at links carefully, educate
yourself, “If it sounds to good to be true – it probably is”, anti-spam
What can we do?
Protect your hardware
• UPS
• RAID
• Mirroring
• Striping
What can we do?
Designing quality software
• Make sure it works
• Correct output
• Reduce GIGO
• Handle the unexpected
• Validation versus verification
• Defensive programming
• Validate data data
• Get data from instrumentation
• Let users verify it
• Cross-checking
• Methods for data validation
• Minimise user input
• Default values
• GUI-controls
• Data from other systems
• Format checks
• Input masks
• Data type checks
• Numbers
• , or .
• Text
• Range checks
• M or F
• Older than 120?
• Presence check
Complete activity
ACTIVITY 2