SlideShare uma empresa Scribd logo

Info2 sec 5_-_protecting_ict_systems

S
saltashict
Tecnologia
1 de 12
INFO2 Unit 5 Safety & security of data
What you need to know •Why do we need to protect data on ICT systems? •What are the possible threats to an ICT system? •How can an ICT system be protected? •What legislation covers ICT systems?
Why do we need to protect data on ICT systems? Here are some key reasons why the data on an ICT system, and the system itself must be protected. •Privacy of data – your (and my) personal details might be held on the system •Monitoring of ICT users – what have you been up to? Who else knows? •Identity theft – your identity and money is at risk if you’re not careful •Threats to the system – is it wise to drink coffee next to a machine or let someone log in as you? •Malpractice & crime – is someone doing something wrong or are they actually breaking the law?
What are the possible threats to an ICT system? Any threat to a system is dangerous. Some threats are more likely to happen than others and the outcome can vary from mild annoyance to complete loss of h/w, s/w and data The biggest threat to an ICT system is… the user of the system Other threats include: •Natural hazards (earthquake, lightning etc) •Faulty h/w or s/w •Viruses/worms/trojans •Spyware •Spam •Hacking •Fire •Loss of power
Malpractice & Crime Both malpractice and crime are threats to a system. Malpractice means doing something that is wrong/improper or careless. A crime obviously means something a bit more serious as you are breaking the law Examples of malpractice •Not logging off when finished with the system •Using the system for unauthorised uses •Giving user ID & password to someone else •Not backing up your work Examples of crime •Hacking •Piracy •Spreading viruses •Theft of data •Destruction of data •Fraud
Threats to a system can be INTERNAL or EXTERNAL dependant on whether they are from within or from outside the organisation. Typically hackers will be external unless they are an employee wanting to gain access to part of the system that they are not normally allowed to access.
How can an ICT system be protected? ICT systems can be protected in many simple ways •Train staff to use the systems correctly •Have an acceptable use policy (AUP) and documented procedures •Enforce user ID’s and passwords •Have access levels to restrict user access to data •Ensure the use of a strong password that is change regularly •Install, run and regularly update anti-virus software to detect and neutralise viruses, spyware and other nasties •Encrypt data to ensure that those who steal it cannot use it •Install and use a firewall •Use biometrics to restrict access to systems
What legislation covers ICT systems? •Computer Misuse Act (1990) •Copyright, Designs & Patents Act (1988) •Regulation of Investigatory Powers Act (2000) •Data Protection Act (1998) Please note that the laws cannot protect the ICT system or the data it holds but can allow for the perpetrators to be prosecuted if they are apprehended
Computer Misuse Act (1990) Used as a deterrent to those who like to “explore” ICT systems, look at data/information that they shouldn’t and possibly commit fraud and those who may alter or destroy data maybe by planting viruses. The Act has 3 sections Section 1 Unauthorised access Penalty max 2 years or a fine or both Section 2 As section 1 + committing a further offence such as fraud Penalty max 5 years or a fine or both Section 3 As section 1 + modifying data Penalty max 10 years or a fine or both
Copyright, Designs & Patents Act (1988) Allows original work by authors, artists, software companies, recording artists etc to be protected against illegal copying for between 50 – 70 years. Copying s/w or music to distribute is illegal. Having possession of equipment to copy files is illegal. Exceptions •If copying or performances are done for charity or royalties are collected and paid to the author it is OK. •If you are copying to create a legal archive it is OK •Copying for academic research is OK Typically used by Trading Standards to prosecute traders at car boot sales, other markets and on eBay. Maximum sentence is 2 years and a fine of £50 000
Regulation of Investigatory Powers Act (2000) A newish piece of legislation that allows organisations to record and monitor information about you. Makes legal telephone taps, interception of web traffic and emails, use of surveillance cameras, police ANPR systems etc, require you to hand over encryption keys so your data can be read. When introduced it was called a snoopers charter as it allowed many organisations to monitor what you are up to.
Data Protection Act (1998) The only law that protects YOU! Has a number of principles that all companies must adhere to if they collect personal data (data from which a single living being can be identified) and hold it for more than 40 days in a ICT system There are a number of exceptions that allow data to be held without your knowledge e.g. crime, national security etc Definitions you need to know •Data subject •Data user •Data controller •Information commissioner •The 8 principles •Rights of a data subject •The main exceptions both full and partial

Recomendados

Computer misuse
Computer misuse Computer misuse
Computer misuse
Shatakshi Goswami
 
Cyber security laws
Cyber security lawsCyber security laws
Cyber security laws
Nasir Bhutta
 
Hacking and Hacktivism
Hacking and HacktivismHacking and Hacktivism
Hacking and Hacktivism
rashidirazali
 
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINCOMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
amiable_indian
 
Information Technology Act, 2000
Information Technology Act, 2000Information Technology Act, 2000
Information Technology Act, 2000
PrakharPrasoon
 
Stop Spymail: Protecting Your Organization from Email Privacy LOSS
Stop Spymail: Protecting Your Organization from Email Privacy LOSSStop Spymail: Protecting Your Organization from Email Privacy LOSS
Stop Spymail: Protecting Your Organization from Email Privacy LOSS
Chad Gilles
 
Cyber Crime Investigation
Cyber Crime InvestigationCyber Crime Investigation
Cyber Crime Investigation
Harshita Ved
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in India
amiable_indian
 

Recomendados

Computer misuse
Computer misuse Computer misuse
Computer misuse
Shatakshi Goswami
 
Cyber security laws
Cyber security lawsCyber security laws
Cyber security laws
Nasir Bhutta
 
Hacking and Hacktivism
Hacking and HacktivismHacking and Hacktivism
Hacking and Hacktivism
rashidirazali
 
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINCOMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
amiable_indian
 
Information Technology Act, 2000
Information Technology Act, 2000Information Technology Act, 2000
Information Technology Act, 2000
PrakharPrasoon
 
Stop Spymail: Protecting Your Organization from Email Privacy LOSS
Stop Spymail: Protecting Your Organization from Email Privacy LOSSStop Spymail: Protecting Your Organization from Email Privacy LOSS
Stop Spymail: Protecting Your Organization from Email Privacy LOSS
Chad Gilles
 
Cyber Crime Investigation
Cyber Crime InvestigationCyber Crime Investigation
Cyber Crime Investigation
Harshita Ved
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in India
amiable_indian
 
HSC IT - Cyber Law and Ethics part 2
HSC IT - Cyber Law and Ethics part 2HSC IT - Cyber Law and Ethics part 2
HSC IT - Cyber Law and Ethics part 2
Vikas Saw
 
Cyber Law And Ethics
Cyber Law And EthicsCyber Law And Ethics
Cyber Law And Ethics
Madhushree Shettigar
 
How to stay safe online
How to stay safe onlineHow to stay safe online
How to stay safe online
leahbennooo
 
Cyberlaw
CyberlawCyberlaw
Cyberlaw
ambadesuhas
 
Indian Cyber laws
Indian Cyber lawsIndian Cyber laws
Indian Cyber laws
mulikaa
 
CYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIACYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIA
Anish Rai
 
Cybersecurity attacks critical legal and investigation aspects you must know
Cybersecurity attacks critical legal and investigation aspects you must knowCybersecurity attacks critical legal and investigation aspects you must know
Cybersecurity attacks critical legal and investigation aspects you must know
Benjamin Ang
 
Cyber Laws
Cyber LawsCyber Laws
Cyber Laws
mayur_ceh
 
Cyber Crime and laws in Pakistan
Cyber Crime and laws in PakistanCyber Crime and laws in Pakistan
Cyber Crime and laws in Pakistan
mahrukh rafique
 
Cyber fraud
Cyber fraudCyber fraud
Cyber fraud
Niti Dhruva
 
presentation
presentationpresentation
presentation
Shah Ali
 
Cyber security
Cyber security Cyber security
Cyber security
REVA UNIVERSITY
 
Cyber law
Cyber lawCyber law
Cyber law
premarhea
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
manisha9kathuria
 
Cyber crime 4th may,2018
Cyber crime 4th may,2018Cyber crime 4th may,2018
Cyber crime 4th may,2018
senguptasouvik99
 
Unit v: Cyber Safety Mechanism
Unit v: Cyber Safety MechanismUnit v: Cyber Safety Mechanism
Unit v: Cyber Safety Mechanism
Arnav Chowdhury
 
ethical legal issues
ethical legal issuesethical legal issues
ethical legal issues
Asia Pasific University
 
Overview of Computer & Internet Crimes in India
Overview of Computer & Internet Crimes in IndiaOverview of Computer & Internet Crimes in India
Overview of Computer & Internet Crimes in India
gsmonga
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber security
Aurobindo Nayak
 
Information Technology Policy for Corporates - Need of the Hour
Information Technology Policy for Corporates - Need of the Hour Information Technology Policy for Corporates - Need of the Hour
Information Technology Policy for Corporates - Need of the Hour
Vijay Dalmia
 
Business case for upgrading ict data security system by keerthi delwatta u105...
Business case for upgrading ict data security system by keerthi delwatta u105...Business case for upgrading ict data security system by keerthi delwatta u105...
Business case for upgrading ict data security system by keerthi delwatta u105...
Keerthi Delwatta
 
DSS.LV - Principles Of Data Protection - March2015 By Arturs Filatovs
DSS.LV - Principles Of Data Protection - March2015 By Arturs FilatovsDSS.LV - Principles Of Data Protection - March2015 By Arturs Filatovs
DSS.LV - Principles Of Data Protection - March2015 By Arturs Filatovs
Andris Soroka
 

Mais conteúdo relacionado

Mais procurados

Indian Cyber laws
Indian Cyber lawsIndian Cyber laws
Indian Cyber laws
mulikaa
 
Cybersecurity attacks critical legal and investigation aspects you must know
Cybersecurity attacks critical legal and investigation aspects you must knowCybersecurity attacks critical legal and investigation aspects you must know
Cybersecurity attacks critical legal and investigation aspects you must know
Benjamin Ang
 
Overview of Computer & Internet Crimes in India
Overview of Computer & Internet Crimes in IndiaOverview of Computer & Internet Crimes in India
Overview of Computer & Internet Crimes in India
gsmonga
 

Mais procurados (20)

HSC IT - Cyber Law and Ethics part 2
HSC IT - Cyber Law and Ethics part 2HSC IT - Cyber Law and Ethics part 2
HSC IT - Cyber Law and Ethics part 2
 
Cyber Law And Ethics
Cyber Law And EthicsCyber Law And Ethics
Cyber Law And Ethics
 
How to stay safe online
How to stay safe onlineHow to stay safe online
How to stay safe online
 
Cyberlaw
CyberlawCyberlaw
Cyberlaw
 
Indian Cyber laws
Indian Cyber lawsIndian Cyber laws
Indian Cyber laws
 
CYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIACYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIA
 
Cybersecurity attacks critical legal and investigation aspects you must know
Cybersecurity attacks critical legal and investigation aspects you must knowCybersecurity attacks critical legal and investigation aspects you must know
Cybersecurity attacks critical legal and investigation aspects you must know
 
Cyber Laws
Cyber LawsCyber Laws
Cyber Laws
 
Cyber Crime and laws in Pakistan
Cyber Crime and laws in PakistanCyber Crime and laws in Pakistan
Cyber Crime and laws in Pakistan
 
Cyber fraud
Cyber fraudCyber fraud
Cyber fraud
 
presentation
presentationpresentation
presentation
 
Cyber security
Cyber security Cyber security
Cyber security
 
Cyber law
Cyber lawCyber law
Cyber law
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber crime 4th may,2018
Cyber crime 4th may,2018Cyber crime 4th may,2018
Cyber crime 4th may,2018
 
Unit v: Cyber Safety Mechanism
Unit v: Cyber Safety MechanismUnit v: Cyber Safety Mechanism
Unit v: Cyber Safety Mechanism
 
ethical legal issues
ethical legal issuesethical legal issues
ethical legal issues
 
Overview of Computer & Internet Crimes in India
Overview of Computer & Internet Crimes in IndiaOverview of Computer & Internet Crimes in India
Overview of Computer & Internet Crimes in India
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber security
 
Information Technology Policy for Corporates - Need of the Hour
Information Technology Policy for Corporates - Need of the Hour Information Technology Policy for Corporates - Need of the Hour
Information Technology Policy for Corporates - Need of the Hour
 

Destaque

Interdisciplinary Lesson Plan ICT-Art
Interdisciplinary Lesson Plan ICT-ArtInterdisciplinary Lesson Plan ICT-Art
Interdisciplinary Lesson Plan ICT-Art
Daniela Silva
 
Chapter 1-introduction to ict
Chapter 1-introduction to ictChapter 1-introduction to ict
Chapter 1-introduction to ict
Aten Kecik
 

Destaque (6)

Business case for upgrading ict data security system by keerthi delwatta u105...
Business case for upgrading ict data security system by keerthi delwatta u105...Business case for upgrading ict data security system by keerthi delwatta u105...
Business case for upgrading ict data security system by keerthi delwatta u105...
 
DSS.LV - Principles Of Data Protection - March2015 By Arturs Filatovs
DSS.LV - Principles Of Data Protection - March2015 By Arturs FilatovsDSS.LV - Principles Of Data Protection - March2015 By Arturs Filatovs
DSS.LV - Principles Of Data Protection - March2015 By Arturs Filatovs
 
Safety And Security Of Data 4
Safety And Security Of Data 4Safety And Security Of Data 4
Safety And Security Of Data 4
 
ICT security and Open Data
ICT security and Open DataICT security and Open Data
ICT security and Open Data
 
Interdisciplinary Lesson Plan ICT-Art
Interdisciplinary Lesson Plan ICT-ArtInterdisciplinary Lesson Plan ICT-Art
Interdisciplinary Lesson Plan ICT-Art
 
Chapter 1-introduction to ict
Chapter 1-introduction to ictChapter 1-introduction to ict
Chapter 1-introduction to ict
 

Semelhante a Info2 sec 5_-_protecting_ict_systems

Business And The Law
Business And The LawBusiness And The Law
Business And The Law
RobbieA
 
identifies several types of devices on which digital evidence could be.docx
identifies several types of devices on which digital evidence could be.docxidentifies several types of devices on which digital evidence could be.docx
identifies several types of devices on which digital evidence could be.docx
mckerliejonelle
 
ITBIS105 3
ITBIS105 3ITBIS105 3
ITBIS105 3
Suad 00
 
Understand Ethics and Security in the Programming Process
Understand Ethics and Security in the Programming ProcessUnderstand Ethics and Security in the Programming Process
Understand Ethics and Security in the Programming Process
Casey Robertson
 
Cyber forensic 1
Cyber forensic 1Cyber forensic 1
Cyber forensic 1
anilinvns
 

Semelhante a Info2 sec 5_-_protecting_ict_systems (20)

SHAILENDRA.ppt
SHAILENDRA.pptSHAILENDRA.ppt
SHAILENDRA.ppt
 
Business And The Law
Business And The LawBusiness And The Law
Business And The Law
 
IT-Presentation.pptx
IT-Presentation.pptxIT-Presentation.pptx
IT-Presentation.pptx
 
BTEC National in ICT: Unit 3 - Legal Constraints
BTEC National in ICT: Unit 3 - Legal ConstraintsBTEC National in ICT: Unit 3 - Legal Constraints
BTEC National in ICT: Unit 3 - Legal Constraints
 
chapter 5.pptxggggggggggggggggggggggggggg
chapter 5.pptxgggggggggggggggggggggggggggchapter 5.pptxggggggggggggggggggggggggggg
chapter 5.pptxggggggggggggggggggggggggggg
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
identifies several types of devices on which digital evidence could be.docx
identifies several types of devices on which digital evidence could be.docxidentifies several types of devices on which digital evidence could be.docx
identifies several types of devices on which digital evidence could be.docx
 
Unit 6 Privacy technological impacts.ppt
Unit 6 Privacy technological impacts.pptUnit 6 Privacy technological impacts.ppt
Unit 6 Privacy technological impacts.ppt
 
UNIT V.pptx
UNIT V.pptxUNIT V.pptx
UNIT V.pptx
 
It legislation
It legislationIt legislation
It legislation
 
How to stay safe online
How to stay safe onlineHow to stay safe online
How to stay safe online
 
Computer ethics cyber security and technology of it
Computer ethics cyber security and technology of itComputer ethics cyber security and technology of it
Computer ethics cyber security and technology of it
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organization
 
Computer misuse and criminal law
Computer misuse and criminal lawComputer misuse and criminal law
Computer misuse and criminal law
 
ITBIS105 3
ITBIS105 3ITBIS105 3
ITBIS105 3
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
TAMUC LO 7
TAMUC LO 7TAMUC LO 7
TAMUC LO 7
 
Understand Ethics and Security in the Programming Process
Understand Ethics and Security in the Programming ProcessUnderstand Ethics and Security in the Programming Process
Understand Ethics and Security in the Programming Process
 
Cyber forensic 1
Cyber forensic 1Cyber forensic 1
Cyber forensic 1
 
Prevent million dollar fines - preparing for the EU General Data Regulation
Prevent million dollar fines - preparing for the EU General Data RegulationPrevent million dollar fines - preparing for the EU General Data Regulation
Prevent million dollar fines - preparing for the EU General Data Regulation
 

Mais de saltashict

Spot the difference
Spot the differenceSpot the difference
Spot the difference
saltashict
 
Unit 5 -_storage_devices
Unit 5 -_storage_devicesUnit 5 -_storage_devices
Unit 5 -_storage_devices
saltashict
 
Info2 unit 8_-_what_affects_use_of_ict
Info2 unit 8_-_what_affects_use_of_ictInfo2 unit 8_-_what_affects_use_of_ict
Info2 unit 8_-_what_affects_use_of_ict
saltashict
 
Info2 unit 7_-_what_ict_can_provide
Info2 unit 7_-_what_ict_can_provideInfo2 unit 7_-_what_ict_can_provide
Info2 unit 7_-_what_ict_can_provide
saltashict
 
Info2 unit 4_-_communications__networks
Info2 unit 4_-_communications__networksInfo2 unit 4_-_communications__networks
Info2 unit 4_-_communications__networks
saltashict
 
Info2 sec 3_-_people__ict_systems
Info2 sec 3_-_people__ict_systemsInfo2 sec 3_-_people__ict_systems
Info2 sec 3_-_people__ict_systems
saltashict
 
Info2 sec 2_-_data__information
Info2 sec 2_-_data__informationInfo2 sec 2_-_data__information
Info2 sec 2_-_data__information
saltashict
 
Info2 sec 1_-_ict_systems
Info2 sec 1_-_ict_systemsInfo2 sec 1_-_ict_systems
Info2 sec 1_-_ict_systems
saltashict
 
Info2 -_overview
Info2 -_overviewInfo2 -_overview
Info2 -_overview
saltashict
 
Aqa specification
Aqa specificationAqa specification
Aqa specification
saltashict
 
London 2012 data_brief
London 2012 data_briefLondon 2012 data_brief
London 2012 data_brief
saltashict
 

Mais de saltashict (14)

H and s slide
H and s slideH and s slide
H and s slide
 
H&s
H&sH&s
H&s
 
Spot the difference
Spot the differenceSpot the difference
Spot the difference
 
Unit 5 -_storage_devices
Unit 5 -_storage_devicesUnit 5 -_storage_devices
Unit 5 -_storage_devices
 
Student guide
Student guideStudent guide
Student guide
 
Info2 unit 8_-_what_affects_use_of_ict
Info2 unit 8_-_what_affects_use_of_ictInfo2 unit 8_-_what_affects_use_of_ict
Info2 unit 8_-_what_affects_use_of_ict
 
Info2 unit 7_-_what_ict_can_provide
Info2 unit 7_-_what_ict_can_provideInfo2 unit 7_-_what_ict_can_provide
Info2 unit 7_-_what_ict_can_provide
 
Info2 unit 4_-_communications__networks
Info2 unit 4_-_communications__networksInfo2 unit 4_-_communications__networks
Info2 unit 4_-_communications__networks
 
Info2 sec 3_-_people__ict_systems
Info2 sec 3_-_people__ict_systemsInfo2 sec 3_-_people__ict_systems
Info2 sec 3_-_people__ict_systems
 
Info2 sec 2_-_data__information
Info2 sec 2_-_data__informationInfo2 sec 2_-_data__information
Info2 sec 2_-_data__information
 
Info2 sec 1_-_ict_systems
Info2 sec 1_-_ict_systemsInfo2 sec 1_-_ict_systems
Info2 sec 1_-_ict_systems
 
Info2 -_overview
Info2 -_overviewInfo2 -_overview
Info2 -_overview
 
Aqa specification
Aqa specificationAqa specification
Aqa specification
 
London 2012 data_brief
London 2012 data_briefLondon 2012 data_brief
London 2012 data_brief
 

Último

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 

Último (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

Info2 sec 5_-_protecting_ict_systems

  • 1. INFO2 Unit 5 Safety & security of data
  • 2. What you need to know •Why do we need to protect data on ICT systems? •What are the possible threats to an ICT system? •How can an ICT system be protected? •What legislation covers ICT systems?
  • 3. Why do we need to protect data on ICT systems? Here are some key reasons why the data on an ICT system, and the system itself must be protected. •Privacy of data – your (and my) personal details might be held on the system •Monitoring of ICT users – what have you been up to? Who else knows? •Identity theft – your identity and money is at risk if you’re not careful •Threats to the system – is it wise to drink coffee next to a machine or let someone log in as you? •Malpractice & crime – is someone doing something wrong or are they actually breaking the law?
  • 4. What are the possible threats to an ICT system? Any threat to a system is dangerous. Some threats are more likely to happen than others and the outcome can vary from mild annoyance to complete loss of h/w, s/w and data The biggest threat to an ICT system is… the user of the system Other threats include: •Natural hazards (earthquake, lightning etc) •Faulty h/w or s/w •Viruses/worms/trojans •Spyware •Spam •Hacking •Fire •Loss of power
  • 5. Malpractice & Crime Both malpractice and crime are threats to a system. Malpractice means doing something that is wrong/improper or careless. A crime obviously means something a bit more serious as you are breaking the law Examples of malpractice •Not logging off when finished with the system •Using the system for unauthorised uses •Giving user ID & password to someone else •Not backing up your work Examples of crime •Hacking •Piracy •Spreading viruses •Theft of data •Destruction of data •Fraud
  • 6. Threats to a system can be INTERNAL or EXTERNAL dependant on whether they are from within or from outside the organisation. Typically hackers will be external unless they are an employee wanting to gain access to part of the system that they are not normally allowed to access.
  • 7. How can an ICT system be protected? ICT systems can be protected in many simple ways •Train staff to use the systems correctly •Have an acceptable use policy (AUP) and documented procedures •Enforce user ID’s and passwords •Have access levels to restrict user access to data •Ensure the use of a strong password that is change regularly •Install, run and regularly update anti-virus software to detect and neutralise viruses, spyware and other nasties •Encrypt data to ensure that those who steal it cannot use it •Install and use a firewall •Use biometrics to restrict access to systems
  • 8. What legislation covers ICT systems? •Computer Misuse Act (1990) •Copyright, Designs & Patents Act (1988) •Regulation of Investigatory Powers Act (2000) •Data Protection Act (1998) Please note that the laws cannot protect the ICT system or the data it holds but can allow for the perpetrators to be prosecuted if they are apprehended
  • 9. Computer Misuse Act (1990) Used as a deterrent to those who like to “explore” ICT systems, look at data/information that they shouldn’t and possibly commit fraud and those who may alter or destroy data maybe by planting viruses. The Act has 3 sections Section 1 Unauthorised access Penalty max 2 years or a fine or both Section 2 As section 1 + committing a further offence such as fraud Penalty max 5 years or a fine or both Section 3 As section 1 + modifying data Penalty max 10 years or a fine or both
  • 10. Copyright, Designs & Patents Act (1988) Allows original work by authors, artists, software companies, recording artists etc to be protected against illegal copying for between 50 – 70 years. Copying s/w or music to distribute is illegal. Having possession of equipment to copy files is illegal. Exceptions •If copying or performances are done for charity or royalties are collected and paid to the author it is OK. •If you are copying to create a legal archive it is OK •Copying for academic research is OK Typically used by Trading Standards to prosecute traders at car boot sales, other markets and on eBay. Maximum sentence is 2 years and a fine of £50 000
  • 11. Regulation of Investigatory Powers Act (2000) A newish piece of legislation that allows organisations to record and monitor information about you. Makes legal telephone taps, interception of web traffic and emails, use of surveillance cameras, police ANPR systems etc, require you to hand over encryption keys so your data can be read. When introduced it was called a snoopers charter as it allowed many organisations to monitor what you are up to.
  • 12. Data Protection Act (1998) The only law that protects YOU! Has a number of principles that all companies must adhere to if they collect personal data (data from which a single living being can be identified) and hold it for more than 40 days in a ICT system There are a number of exceptions that allow data to be held without your knowledge e.g. crime, national security etc Definitions you need to know •Data subject •Data user •Data controller •Information commissioner •The 8 principles •Rights of a data subject •The main exceptions both full and partial