Transcript IT Security for users Mod1 V5

1.1 System Performance
Security
Module 1 Version 5
Unwanted Messages

‘Spam' is unwanted bulk email

Unwanted email and other messages, or
'spam', can be received on the computer

Use anti-spam software to
protect the computer from the risk of
unwanted messages
1.1 System Performance Security
2
Malicious Programs
1.
Malicious programs are:

viruses,

worms,
trojans,
spyware,
adware,
rogue diallers




2.
Malicious programs can enter the
computer by:



USB’s
Email attachments
Downloads
1.1 System Performance Security
3
How to Protect against Malicious
Programs


anti-virus
anti-spyware
Use
and
software to
protect the computer from the risk of malicious programs
Remember that anti-virus software needs to be updated
regularly

To Protect your computer from malicious programs:
1.
Do not open email attachments from unknown
users,
2.
Treat
messages,

files,

software and

attachments
from unknown sources with caution

1.1 System Performance Security
4
Infiltration
 A hacker
is a skilled
programmer, who secretly
infiltrates computers without
authorisation
 A firewall helps to protect the
computer against the risk of
infiltration
1.1 System Performance Security
5
Hoaxes

Emails can contain hoaxes:
virus hoaxes,
 chain letters,
 scams,
 false alarms,
 misunderstandings,
 scares


Check whether a message you have
received is a hoax
1.1 System Performance Security
6
1.2 Information Security
Module 1 Version 5
Identity/Authentication
Information can be at risk from unauthorised access




An individual user name limits access to relevant
levels of information when logging onto a computer
Passwords and PIN numbers help to protect
information from the risk of unauthorised access
You should change your password/PIN number
regularly
Passwords should have a minimum of 6 characters
and include a mixture of letters and numbers



E.g. speaking753clock
321Butter258cup
Tammy147Marie36
1.2 Information Security
8
Confidentiality
A password or PIN number protects
information from unauthorised access

You should not share your password/PIN
number with anyone

Do not write down your password/PIN
number

Password/PIN numbers should be
memorised
1.2 Information Security
9
Confidentiality of Information
You should respect the confidentiality
of information you have access to
 Only disclose confidential information to
authorised personnel or systems
 Avoid leaving your computer unattended
without logging off or locking it, to
prevent the risk of unauthorised access
to data
1.2 Information Security
10
Identify Theft
Phishing is an email directing you to
enter personal details on a fake
website
 Inappropriate disclosure of information
can lead to identify theft
 Avoid inappropriate disclosure of
information by not giving personal details
1.2 Information Security
11
1.3 Technology Security
Module 1 Version 5
Networks
Sharing resources and data is the main advantage of using a

public network.
Unsecured networks can make information accessible to others

Confidential information may be sent across an unsecured
network in an encrypted format

Wireless networks may be visible or accessible to other users

There are security risks when using default passwords and
settings on networks, computers and programs as they offer a low
resistance to Hackers

Internet security settings should be adjusted to prevent the
risk of access to your network by other users
1.3 Technology Security
13
Connectivity
 Bluetooth
is short range wireless
protocol for exchanging data

Bluetooth settings should be adjusted
to prevent the risk of unauthorised
access to a Bluetooth device by others
1.3 Technology Security
14
Portable Devices
Portable devices are vulnerable to loss or
theft:






laptop,
notebook,
PDA,
mobile phone,
multimedia player
USB’s and other removable storage devices
can contain valuable and confidential
information that is vulnerable to loss or theft
1.3 Technology Security
15
Keeping Portable Devices Secure

Ensure all portable and removable
devices are stored safely and securely
by:
storing small devices out of sight on your
person or in a locked drawer
 A laptop or other larger device, should be
secured to a desk with cable (if you have to
leave it unattended for a short period of
time)

1.3 Technology Security
16
1.5 Data Security
Module 1 Version 5
1.4 Guidelines and Procedures
Module 1 Version 5
Guidelines and Procedures

Relevant guidelines and procedures for the
secure use of IT within your organisation are
usually held by the IT Department

Always follow the guidelines and procedures
listed by your organisation, for the secure use
of IT

If you are unsure of the procedure to follow
you should contact the Systems
Administrator
1.4 Guidelines and Procedures
19
Guidelines and Procedures (2)
Understand the IT security checks you
should carry out, which are listed in the
organisation’s security policy
 Report IT security threats or breaches
using the channel identified in the
organisation’s security policy

1.4 Guidelines and Procedures
20
Privacy
Know the privacy policy within your
organisation by reading the policy in the
organisation’s policy manual
 Ensure you follow the privacy policy
within your organisation

1.4 Guidelines and Procedures
21
Security
Prevention of Data Theft involves:
 Preventing access to data by:
1.
2.

using usernames and passwords/PIN numbers
Logging off the computer before leaving the room
Preventing theft of computers or storage
devices by:
1.
2.
locking computers and hardware using a security
cable
storing small devices out of sight on your person
or in a locked drawer or filing cabinet
1.5 Data Security
22
Backups
Backing up personal data and software is
essential to prevent loss of data due to:
Accidental file deletion
2. Data corruption
3. Computer malfunction and subsequent file loss
4. Theft of your computer
5. Natural disasters like fire, flood or earthquakes
Back up your personal data to appropriate media:
like a labelled CD or USB or External Hard Drive
It is important to have a secure off-site backup copy
of files
1.


1.5 Data Security
23
Storage
Store your personal data safely:
Use a labelled storage device to
backup personal data
 Make multiple copies of your data
 Store back up copies of personal data
off-site
 Store software securely by making
backups and storing off-site

1.5 Data Security
24