11. 8 : SECURITY OF DATA
SPECIFICATION STATEMENTS (AQA 5521)
Understand the importance of, and the mechanisms for, maintaining data security, describing the distinction between security and privacy.
Understand simple processes that protect the integrity of data against malicious or accidental alteration e.g.:
standard clerical procedure
passwords
levels of permitted access
write protect mechanisms
backup procedures
restoration and recovery procedures
BACKUP SYSTEMS
Understand the need for regular and systematic backup and procedures for recovery
(Note the legal framework is covered in ICT1)
I always seem to type secutiry when I try to type security - diversion over....
An excellent set of resources for this can be obtained from N CHADDERTON.
There are clearly lots of good reasons for keeping data secure, and there are lots of organisations who already hold data on you.
As a victim of identity fraud, it is clear that there is a lot of data on all of us out there, and some of it may even be true.
There is apparently a good description of GENERATIONAL BACKUPS at the PC MAG archive site.
A recent additional case study example is the change in procedures introduced by Barclaycard, which was explained in a mailing to customers which I got with my last bill. The leaflet said on the front: "Your financial details are personal. We'll help you keep them that way"
They're trying to prevent IDENTITY THEFT: when someone uses your personal details without your knowledge. This can occur if you throw away documents with personal details - don't just chuck stuff away - get it shredded!!
They are introducing extra checks when you are making a purchase. They'll also check any unusual purchases.
Over 30 000 Barclaycard customers in Northampton have been issued with new 'CHIP AND PIN' cards - these need a 4 digit PIN instead of signing a receipt. When CHIP AND PIN was introduced in France, it reduced fraud by 80% - should be available throughout the UK by 2005. I got a leaflet from Barclaycard in January 2004 explaining this.
There are people working away to crack whatever code is placed in their way - they see this as a challenge, and then other websites spring up to take advantage of this...
For example: HERE is a useful article from the BBC site on PIRACY - "Will piracy sink the DVD ?"
Once you've downloaded your film, or bought your illegal copy (this is not recommended by GeographyPages...) there are sites such as COVER UNIVERSE and CD COVERS where the images to make the CD or DVD or Play Station game look 'just like the real thing'. The scale of illegal copying is growing and threatens the end of some formats.
There are a series of COPY PROTECTION SYSTEMS which are used on DVDs. All the information is split into blocks, and the keys to unscramble the content (CSS) are stored in a hidden area.
Also noticed that new measures are being introduced on EXAM CERTIFICATES and STATEMENTS OF ENTRY.
Need to mention a new trend called PHISHING.
This involves setting up a scam: a website which looks like an existing one, which is set up to get your credit card details. SPOOFING of e-mail addresses is a growing trend too.
Microsoft are apparently preparing SERVICE PACK 2 which is going to be available in June, and is aimed at fixing a range of security problems. A BBC article on the plans, and the contents of SP2 is available by clicking the link. This will force all programs to ask for permission to access the web, and not launching Windows Messenger by default. There will also be measures to stop forced buffer over-runs, which was one way of hackers gaining access to a machine. Those on Broadband will be able to download SP2, others may have to get it on CD (perhaps on the cover of Windows XP magazine - that was how I got SP1) It will also blog POP UP Ads (my GOOGLE Toolbar does that as well...)