Post on 28-Dec-2015
1.1 System Performance Security
Module 1 Version 5
1.1 System Performance Security 2
Unwanted Messages
‘Spam' is unwanted bulk emailUnwanted email and other messages, or
'spam', can be received on the computer
Use anti-spam software to protect the computer from the risk of unwanted messages
1.1 System Performance Security 3
Malicious Programs
1. Malicious programs are: viruses, worms, trojans, spyware, adware, rogue diallers
2. Malicious programs can enter the computer by: USB’s Email attachments Downloads
1.1 System Performance Security 4
How to Protect against Malicious Programs Use anti-virus and anti-spyware software to
protect the computer from the risk of malicious programs Remember that anti-virus software needs to be updated
regularly To Protect your computer from malicious programs:
1. Do not open email attachments from unknown users,
2. Treat messages, files, software and attachments
from unknown sources with caution
1.1 System Performance Security 5
Infiltration
A hacker is a skilled programmer, who secretly infiltrates computers without authorisation
A firewall helps to protect the computer against the risk of infiltration
1.1 System Performance Security 6
Hoaxes
Emails can contain hoaxes: virus hoaxes, chain letters, scams, false alarms, misunderstandings, scares
Check whether a message you have received is a hoax
1.2 Information Security
Module 1 Version 5
1.2 Information Security 8
Identity/Authentication
Information can be at risk from unauthorised access An individual user name limits access to relevant
levels of information when logging onto a computer Passwords and PIN numbers help to protect
information from the risk of unauthorised access You should change your password/PIN number
regularly Passwords should have a minimum of 6 characters
and include a mixture of letters and numbers E.g. speaking753clock 321Butter258cup Tammy147Marie36
1.2 Information Security 9
Confidentiality
A password or PIN number protects information from unauthorised access
You should not share your password/PIN number with anyone
Do not write down your password/PIN number
Password/PIN numbers should be memorised
1.2 Information Security 10
Confidentiality of Information
You should respect the confidentiality of information you have access to
Only disclose confidential information to authorised personnel or systems
Avoid leaving your computer unattended without logging off or locking it, to prevent the risk of unauthorised access to data
1.2 Information Security 11
Identify Theft
Phishing is an email directing you to enter personal details on a fake website
Inappropriate disclosure of information can lead to identify theft
Avoid inappropriate disclosure of information by not giving personal details
1.3 Technology Security
Module 1 Version 5
1.3 Technology Security 13
Networks Sharing resources and data is the main advantage of using a
public network. Unsecured networks can make information accessible to others
Confidential information may be sent across an unsecured network in an encrypted format
Wireless networks may be visible or accessible to other users
There are security risks when using default passwords and settings on networks, computers and programs as they offer a low resistance to Hackers
Internet security settings should be adjusted to prevent the risk of access to your network by other users
1.3 Technology Security 14
Connectivity
Bluetooth is short range wireless protocol for exchanging data
Bluetooth settings should be adjusted to prevent the risk of unauthorised access to a Bluetooth device by others
1.3 Technology Security 15
Portable Devices Portable devices are vulnerable to loss or theft:
laptop, notebook, PDA, mobile phone, multimedia player
USB’s and other removable storage devices can contain valuable and confidential information that is vulnerable to loss or theft
1.3 Technology Security 16
Keeping Portable Devices Secure
Ensure all portable and removable devices are stored safely and securely by:storing small devices out of sight on your
person or in a locked drawerA laptop or other larger device, should be
secured to a desk with cable (if you have to leave it unattended for a short period of time)
1.5 Data Security
Module 1 Version 5
1.4 Guidelines and Procedures
Module 1 Version 5
1.4 Guidelines and Procedures 19
Guidelines and Procedures
Relevant guidelines and procedures for the secure use of IT within your organisation are usually held by the IT Department
Always follow the guidelines and procedures listed by your organisation, for the secure use of IT
If you are unsure of the procedure to follow you should contact the Systems Administrator
1.4 Guidelines and Procedures 20
Guidelines and Procedures (2)
Understand the IT security checks you should carry out, which are listed in the organisation’s security policy
Report IT security threats or breaches using the channel identified in the organisation’s security policy
1.4 Guidelines and Procedures 21
Privacy
Know the privacy policy within your organisation by reading the policy in the organisation’s policy manual
Ensure you follow the privacy policy within your organisation
1.5 Data Security 22
Security
Prevention of Data Theft involves: Preventing access to data by:
1. using usernames and passwords/PIN numbers2. Logging off the computer before leaving the room
Preventing theft of computers or storage devices by:
1. locking computers and hardware using a security cable
2. storing small devices out of sight on your person or in a locked drawer or filing cabinet
1.5 Data Security 23
Backups
Backing up personal data and software is essential to prevent loss of data due to:
1. Accidental file deletion 2. Data corruption 3. Computer malfunction and subsequent file loss 4. Theft of your computer5. Natural disasters like fire, flood or earthquakes
Back up your personal data to appropriate media: like a labelled CD or USB or External Hard Drive
It is important to have a secure off-site backup copy of files
1.5 Data Security 24
Storage
Store your personal data safely: Use a labelled storage device to
backup personal dataMake multiple copies of your dataStore back up copies of personal data
off-site Store software securely by making
backups and storing off-site