Computer management –

safe-guarding our data

MODULE 1.3
Importance of data and information

• What would a loss of data ‘cost’ us??

• Possible to work without it?
• Time/effort to enter it again?
• Loss of clients’ trust?
• Confidential information? What would happen if a hacker got access to it?

• We need to protect data against loss, but we also need to ‘protect’ its
accuracy.
Category of threat to data:
Unauthorised access to data
• Unauthorised physical access
• Hackers and crackers
• White-, Grey- and Black hat
• What does the law say?
• Why do people hack?
Category of threat to data:
Malware threats
• Malware (Malicious software) – Definition
• Virus: attaches to file, spreads, activated by user
• Computer worm: can spread without the help of a user, e-mails itself to
everybody, uses memory/bandwidth
• Spyware: keyloggers are dangerous spyware that record what you do and
reports back to a 3rd party
• Trojan: disguised as a useful program
• Rootkit: collection of programs, infiltrates and controls computer by gaining
administrator rights
Category of threat to data:
Human issues

• Accidentally deleting files or reformatting a disk

• Neglecting backup

• Entering incorrect data

• Losing portable storage devices

• Not using strong passwords

Category of threat to data:
Human issues
Social engineering - Any attempt to manipulate or trick users into
installing malware on their computers or into giving sensitive or
personal information.
• Phishing
• Please log in to verify; Click on link
• Personal information is then
used to commit identity theft
• Spoofing
• Any technique to make it look like a message comes from a different source
Category of threat to data:
Human issues
Threats from social networking -
• Why are social networking sites prone to attacks?
• Millions of users
• Artificial level of trust
• Personal details displayed
Category of threat to data:
Natural disasters
• Can happen to anyone

• THIS IS WHY BACKUP IS SO IMPORTANT – and why it should be

stored
SOMEWHERE ELSE!
Category of threat to data:
Hardware issues
• Hardware failure
• Hardware theft
• Power problems

Software issues
• Software bugs
• GIGO
ACTIVITY 1
Complete activity
What can we do?
Backup, backup, backup ….
• Disc imaging
• Backup software
• Scheduled
• Incremental
• Compressed
• Online backup
• Dropbox, SkyDrive, Box
• Tips
• Backup only data
• Auto or schedule
• External devices
• Archive
• Confirm that backups work
What can we do?
Restricting access to data
• Physical measures
• Access control
• Lock it up!
• Biometric devices
• Software measures
• Strong passwords
• Rights and permissions
• Encryption
• Substitution code, Ceasor
• PGP
• Longer encription key
• SSL
• 128 bit key
• 2128 possibilities
• 3 000000000000000000000000000000000
What can we do?
Reducing malware threats
• Anti-malware
• Anti-virus
• Anti-spyware
• Update!!!
• Operating System updates
• Software updates
• Firewalls
• What are they?
• Firewall software
• Firewall hardware
What can we do?
Reducing the ‘human risk’ factor
• Precautions – use common sense
• Precautions when you are online
• Personal information, hyperlinks, meeting in person, websites’ privacy
notices, use secure sites, phising emails, privacy settings in browsers, privacy
settings on social networking sites.
• Avoid social engineering
• Be cautious, protect personal information, look at links carefully, educate
yourself, “If it sounds to good to be true – it probably is”, anti-spam
What can we do?
Protect your hardware
• UPS
• RAID
• Mirroring
• Striping
What can we do?
Designing quality software
• Make sure it works
• Correct output
• Reduce GIGO
• Handle the unexpected
• Validation versus verification
• Defensive programming
• Validate data data
• Get data from instrumentation
• Let users verify it
• Cross-checking
• Methods for data validation
• Minimise user input
• Default values
• GUI-controls
• Data from other systems
• Format checks
• Input masks
• Data type checks
• Numbers
• , or .
• Text
• Range checks
• M or F
• Older than 120?
• Presence check
Complete activity

ACTIVITY 2