Keeping Data Safe
Access Levels
- Access levels are used to restrict access to sensitive information to only authorised personnel
- This helps to prevent unauthorised access, which is one of the main security threats to data
- Access levels can be set based on a user's role, responsibility, or clearance level
- Full access: this allows the user to open, create, edit & delete files
- Read-only access: this only allows the user to open files without editing or deleting
- No access: this hides the file from the user
Anti-Malware
- Anti-malware solutions are used to prevent and remove malware, which is a common type of security threat to data
- Anti-malware software includes anti-virus and anti-spyware programs, which help to detect and remove malicious software from a computer system
- This software works by scanning the computer’s files and any files being downloaded and comparing them to a list of known malware
- If any malware is found, it is quarantined to prevent the spread
- The malware is then deleted
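The scan, quarantine and delete steps above, as an added example that is not part of the original notes. It assumes the "list of known malware" is a set of SHA-256 file hashes; the sample bytes, folder names and function names are constructed for illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

# Constructed stand-in for a malware sample: harmless bytes treated as "known bad".
FAKE_SAMPLE = b"harmless test pattern standing in for malware"
KNOWN_BAD = {hashlib.sha256(FAKE_SAMPLE).hexdigest()}  # assumed signature list

def sha256_of(path):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def scan_and_quarantine(root, quarantine, signatures=KNOWN_BAD):
    """Compare every file under root with the signature list; move matches away."""
    root, quarantine = Path(root), Path(quarantine)
    quarantine.mkdir(parents=True, exist_ok=True)
    moved = []
    for path in sorted(root.rglob("*")):
        if not path.is_file() or quarantine in path.parents:
            continue
        file_hash = sha256_of(path)
        if file_hash in signatures:
            # The hash prefix keeps two infected files with the same name apart.
            target = quarantine / f"{file_hash[:16]}_{path.name}.quarantined"
            shutil.move(str(path), str(target))
            moved.append(path.name)
    return moved

def purge(quarantine):
    """Delete everything held in quarantine and return how many files were removed."""
    held = list(Path(quarantine).glob("*.quarantined"))
    for path in held:
        path.unlink()
    return len(held)

def demo():
    """Build a constructed folder with one clean and one 'infected' file, then scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        files = Path(tmp, "files")
        files.mkdir()
        (files / "notes.txt").write_text("revision notes")
        (files / "download.bin").write_bytes(FAKE_SAMPLE)
        moved = scan_and_quarantine(files, Path(tmp, "quarantine"))
        remaining = sorted(p.name for p in files.iterdir())
        return moved, remaining, purge(Path(tmp, "quarantine"))
```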
Authentication
- Authentication is used to ensure that only authorised users can access data
- There are several methods of authentication:
- Passwords are used to protect sensitive data by preventing unauthorised access. A strong password should be complex, unique, and not easily guessed. Passwords should be changed regularly, and users should avoid reusing passwords across multiple accounts.
- Biometrics uses biological data for authentication by identifying unique physical characteristics of a human such as fingerprints, facial recognition, or iris scans. Biometric authentication is more secure than using passwords as:
- A biometric password cannot be guessed
- It is very difficult to fake a biometric password
- A biometric password cannot be recorded by spyware
- A perpetrator cannot shoulder surf to see a biometric password
- Two-factor authentication (2FA) requires users to provide two forms of authentication before accessing data, such as a password and a verification code sent to a mobile device. This provides an extra layer of security and reduces the risk of unauthorised access. 2FA is widely used to protect online accounts, such as email or banking.
- These methods help to prevent unauthorised access and protect sensitive data
Automating Software Updates
- Automating software updates ensures that software systems are up-to-date with the latest security patches, which helps to prevent security threats
- This is especially important for operating systems and software that are frequently targeted by hackers
- It does this by scanning the Internet for known updates to the software that is installed on the computer
- If any updates are found, these can either install automatically or notify the user to install them
Communications
- Checking the spelling and tone of communications is important to prevent phishing attacks
URL
- Checking the URL attached to a link is another way to prevent phishing attacks.
- Hackers often use fake URLs to trick users into visiting fraudulent websites
- e.g. http://amaz.on.co.uk/ rather than http://amazon.co.uk/
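One way to automate the URL check above (an added example, not part of the original notes). The trusted-host list, function names and similarity threshold are assumptions, and the similarity comparison generalises slightly beyond the single misplaced dot shown in the example.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# Constructed allowlist (an assumption): the sites the user actually means to visit.
TRUSTED_HOSTS = ("amazon.co.uk",)

def _squash(host):
    """Drop 'www.', dots and hyphens so 'amaz.on.co.uk' and 'amazon.co.uk' compare equal."""
    if host.startswith("www."):
        host = host[4:]
    return host.replace(".", "").replace("-", "")

def classify_link(url, trusted=TRUSTED_HOSTS, threshold=0.9):
    """Return 'trusted', 'lookalike', 'unknown' or 'invalid' for a link's URL."""
    try:
        host = (urlsplit(url).hostname or "").rstrip(".").lower()
    except ValueError:
        return "invalid"
    if not host:
        return "invalid"
    for good in trusted:
        # Exact host, or a genuine subdomain such as www.amazon.co.uk
        if host == good or host.endswith("." + good):
            return "trusted"
    for good in trusted:
        similarity = SequenceMatcher(None, _squash(host), _squash(good)).ratio()
        if similarity >= threshold:
            return "lookalike"  # reads like the trusted name but is a different host
    return "unknown"

if __name__ == "__main__":
    for link in ("http://amazon.co.uk/", "http://amaz.on.co.uk/"):
        print(link, "->", classify_link(link))
```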
Firewalls
- A firewall can be software or hardware based
- It monitors incoming and outgoing traffic between the computer and the network and keeps a log of the traffic
- The user sets criteria for the traffic (this is called the whitelist/blacklist) and the traffic is compared with this
- The firewall will accept or reject the traffic based on this and an alert can be sent to the user
- It can help prevent hacking and malicious software that could be a threat to the security of the data
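The compare, accept/reject and log steps above, as an added example that is not part of the original notes. The rule format, the reject-by-default choice and the addresses (documentation-only ranges) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str          # "accept" (whitelist entry) or "reject" (blacklist entry)
    direction: str       # "in" or "out"
    network: str         # remote address range in CIDR notation
    port: Optional[int]  # port number, or None for any port

# Constructed criteria (hypothetical), using documentation-only address ranges.
RULES = [
    Rule("reject", "in", "203.0.113.0/24", None),  # blacklist: block this range
    Rule("accept", "in", "198.51.100.0/24", 443),  # whitelist: HTTPS from a known range
    Rule("accept", "out", "0.0.0.0/0", 443),       # whitelist: outgoing HTTPS anywhere
]

def decide(direction, remote_ip, port, rules=RULES, log=None):
    """Compare one connection with the criteria; the first matching rule wins."""
    addr = ipaddress.ip_address(remote_ip)
    verdict = "reject"  # assumption: traffic matching no rule is rejected
    for rule in rules:
        if (rule.direction == direction
                and addr in ipaddress.ip_network(rule.network)
                and rule.port in (None, port)):
            verdict = rule.action
            break
    if log is not None:
        log.append((direction, remote_ip, port, verdict))  # every decision is logged
    return verdict

def run_sample():
    """Feed constructed traffic through the rules; return the log and the alerts."""
    log = []
    traffic = [("in", "198.51.100.7", 443), ("in", "203.0.113.9", 443),
               ("in", "198.51.100.7", 23), ("out", "192.0.2.10", 443)]
    for direction, ip, port in traffic:
        decide(direction, ip, port, log=log)
    alerts = [entry for entry in log if entry[3] == "reject"]  # what the user is told
    return log, alerts

if __name__ == "__main__":
    for entry in run_sample()[0]:
        print(entry)
```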
Privacy Settings
- Privacy settings are used to control the amount of personal information that is shared online
- They are an important measure to prevent identity theft and other forms of online fraud
- Users should regularly review their privacy settings and adjust them as needed
Proxy-Servers
- Proxy-servers are used to hide a user's IP address and location, making it more difficult for hackers to track them
- They act as a firewall and can also be used to filter web traffic by setting criteria for traffic
- Malicious content is blocked and a warning message can be sent to the user
- Proxy-servers are a useful security measure for protecting against external security threats as they can direct traffic away from the server
Secure Socket Layer
- SSL is a security protocol which is used to encrypt data transmitted over the internet
- This helps to prevent eavesdropping and other forms of interception
- SSL is widely used to protect online transactions, such as those involving credit card information or other sensitive data
- It works by sending a digital certificate to the user’s browser
- This contains the public key which can be used for authentication
- Once the certificate is authenticated, the transaction will begin
Physical Methods
- Physical methods are used to physically protect hardware that stores sensitive data
- This can include:
- Locked rooms needing a key or card access
- CCTV
- Bodyguards
Backup
- This is the process of making a copy of files in case something happens to the original ones
- Backing up data is important to protect against data loss due to hardware failure, cyber-attacks, or other disasters
- Backups should be stored in a secure location, and multiple copies should be made
- Regular backups ensure that data can be recovered in the event of a security breach or data loss