• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

GCSE I.T Security Case Study - Riverside Leisure Centre

Extracts from this document...


Riverside Leisure Centre's Security Measures GCSE I.T Security Case Study Background Information Riverside Leisure Centre is situated in Chelmsford, Essex and is owned by Chelmsford Borough Council. They have had only one reported unauthorised entry to the complex in the last five years. The complex contains three swimming pools, an outdoor, heated indoor and a toddler indoor. It also has a Techno gym, ice rink, sports hall, licensed bar and a children's indoor play area. Due to the wide range of activities available, Riverside has a lot of visitors to it's complex. The bigger the crowds attracted, the bigger the risk of the security of customer's and employee's data being misused by unauthorised members of the public. This therefore calls for a good quality security system, both physically and via software. Having analysed the security systems at Riverside, with the help of answered questionnaires from the centre's management and from sketches of the leisure centre itself, I have noticed that there is a good quality system in use here. In this case study I will explain the methods, advantages and disadvantages of the current system and make recommendations on how to make the leisure centre more secure. Software Security Of Riverside Passwords Riverside uses a password log on system on all computers within the centre. Each employee has it's own username and password to log on to the computer, which holds data. This makes it impossible for intruders to log on to the computer without having access to an employee's user name and password. This is useful because it prevents unauthorised access but also allows management to pinpoint who has been on the computers at any one time. If an employee told an unauthorised person their username and password and that person obtained data from the computer, management could see exactly which employee had loaned their username/password and deal with them appropriately. Riverside also operates a hierarchy system when using passwords to access data. ...read more.


1/When your data is being used only in connection with personal, family or recreational use. 2/Where data is used only for the preparation of text documents. 3/Where the data is being used only for the calculation of wages and pensions, or for the production of accounts. 4/Where the data is used for the distribution of articles and information e.g. unsolicited mail (i.e. mail which advertises goods or a service you have not requested). 5/Where a sports club or a recreational club that is not a limited company holds the data. These exemptions include Riverside as they are a, " sport or recreational club which is not a limited company". We know they are not a limited company as limited companies (both private and public) belong in the private sector. Riverside, however, is in the public sector as it is owned by a local government (Chelmsford Borough Council). This exempts them from having to register with the Data Registrar, however, they still must abide by the principles of the act to avoid prosecution. According to the questionnaire I carried out, all Riverside staff that have access to the data are fully educated on the principles of the Data Protection Act. Recommended software security measures that Riverside could operate in the future Firewalls Riverside could use firewalls when accessing the Internet. A firewall is a program that can be installed onto the system to protect itself against the user doing any damage to it. It restricts the user from entering parts of the system. These are particularly useful if the system has access to a dial up connection, either to access an e-mail provider or the Internet, as things can be downloaded and can cause havoc with the system if they contain a virus etc. Firewalls also can control incoming call ID's to the system and can block ID's if they don't fit into a pre-specified category, which prevents computer 'hackers' from gaining access to the system. ...read more.


However all employees have knowledge of the Data Protection Act and therefore are preventing themselves from getting persecuted. I did expect them to use virus protection on their computers and the fact that they didn't means that they were easily susceptible to viruses that would have distorted their data. I strongly recommend that they get an anti-virus program to protect themselves. The following is a list of the advantages to the software security system currently in operation at Riverside: * It is legal and understands the laws that are applicable to them and the use of the data that they possess. * The password system prevents any unauthorised access to the system unless one of the employees tells of their password. * If an employee tells this, it is easy to pinpoint who has done it as their area password would have been used and it can be tracked. * It recognises the use of freeware/shareware can be damaging to the system. * The hierarchy system only lets top management view the most secure documents. * Cost effective The system also has its downfalls; here is a list of the disadvantages to the system. * No virus scanner was in use, leaving them open to viruses transmitted from the Intranet, LAN or Internet. * No encryption of data was being used and therefore important data may be viewed by unauthorised people whilst in transit between destinations. * Firewalls were not in operation therefore the door to untrained employees is left wide open to access potentially damaging parts of the computer's hard drive or Internet. * Cost effective but not secure enough to prevent data being exposed. This concludes the case study on Riverside Ice and Leisure and it's security systems. The recommendations for a new system are shown with the analysis of the systems and these may well be put into place by Riverside in the near future. The evidence I used to put together this case study is shown in appendices on the next page. ?? ?? ?? ?? Claire Wyatt 7221 ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our AS and A Level Computer Science section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related AS and A Level Computer Science essays

  1. Marked by a teacher

    Case Study. LEGAL ISSUES-: Data Protection Act. Whiteman Leisure must ensure that the information ...

    This also becomes their responsibility under the Data Protection act to ensure tight security measures are taken on board, such as setting up a firewall or encrypting systems to prevent hackers gaining access into their network. This factor should not be taken lightly as personal data such as customer?s bank

  2. Peer reviewed

    Networking Diagrams and Case Study

    3 star(s)

    and it also works on the transport layer (layer 4) 8. Star Network ? uses stuff that occurs on layers 1, 3, 4 9. VPN ? runs on the application layer (layer 7) and has access to the physical layer 2.

  1. Hardware and Software

    If digital camera is there only to create images for the web then a one Mega Pixel camera is sufficient. Size Size refers to the physical dimensions of an image. Image can be created by using inches and centimetres and by resolution using pixels.

  2. Discuss the relationship that exists in the UK between the legal rules that govern ...

    In this question I am focussing primarily on the section relating to directors and looking how the principles of the combined code relate to legal rules in governing directors duties. Section 1A of The Combined Code relates to company directors in this section there are 7 main principles, the first

  1. Different ways of data capture

    The destination file displays a representation of the linked info but stores only the location of the original data. The linked data is uploaded automatically if you change the original data in the source file .With an embedded object it becomes part of the destination file.

  2. With diagrams compare and contrast the relative advantages and disadvantages of digital transmission over ...

    incoming signal to determine if a pulse is present at a particular moment or not. The exact level of the signal is not important at all, so long as an "on" condition can still be clearly obvious from an "off" condition.

  1. I have been given the task to design a database for a company called ...

    Currency Currency Consignment Number Long Integer Default Order Records The order records will be in a table called 'Order'. The following table shows the field names, their type and field size. Field Name Field Type Field Size Order ID Auto Number - Long Integer Default Customer ID Number - Long

  2. BTEC National in IT Organisational systems security - Policies and guidelines for IT security ...

    Either way you must make sure that you know all of the surveillance laws that apply to ensure you are not breaking the law. Risk management: This is the assessment and strategy in place in relation to the risk assessment.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work