• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

GCSE I.T Security Case Study - Riverside Leisure Centre

Extracts from this document...

Introduction

Riverside Leisure Centre's Security Measures GCSE I.T Security Case Study Background Information Riverside Leisure Centre is situated in Chelmsford, Essex and is owned by Chelmsford Borough Council. They have had only one reported unauthorised entry to the complex in the last five years. The complex contains three swimming pools, an outdoor, heated indoor and a toddler indoor. It also has a Techno gym, ice rink, sports hall, licensed bar and a children's indoor play area. Due to the wide range of activities available, Riverside has a lot of visitors to it's complex. The bigger the crowds attracted, the bigger the risk of the security of customer's and employee's data being misused by unauthorised members of the public. This therefore calls for a good quality security system, both physically and via software. Having analysed the security systems at Riverside, with the help of answered questionnaires from the centre's management and from sketches of the leisure centre itself, I have noticed that there is a good quality system in use here. In this case study I will explain the methods, advantages and disadvantages of the current system and make recommendations on how to make the leisure centre more secure. Software Security Of Riverside Passwords Riverside uses a password log on system on all computers within the centre. Each employee has it's own username and password to log on to the computer, which holds data. This makes it impossible for intruders to log on to the computer without having access to an employee's user name and password. This is useful because it prevents unauthorised access but also allows management to pinpoint who has been on the computers at any one time. If an employee told an unauthorised person their username and password and that person obtained data from the computer, management could see exactly which employee had loaned their username/password and deal with them appropriately. Riverside also operates a hierarchy system when using passwords to access data. ...read more.

Middle

1/When your data is being used only in connection with personal, family or recreational use. 2/Where data is used only for the preparation of text documents. 3/Where the data is being used only for the calculation of wages and pensions, or for the production of accounts. 4/Where the data is used for the distribution of articles and information e.g. unsolicited mail (i.e. mail which advertises goods or a service you have not requested). 5/Where a sports club or a recreational club that is not a limited company holds the data. These exemptions include Riverside as they are a, " sport or recreational club which is not a limited company". We know they are not a limited company as limited companies (both private and public) belong in the private sector. Riverside, however, is in the public sector as it is owned by a local government (Chelmsford Borough Council). This exempts them from having to register with the Data Registrar, however, they still must abide by the principles of the act to avoid prosecution. According to the questionnaire I carried out, all Riverside staff that have access to the data are fully educated on the principles of the Data Protection Act. Recommended software security measures that Riverside could operate in the future Firewalls Riverside could use firewalls when accessing the Internet. A firewall is a program that can be installed onto the system to protect itself against the user doing any damage to it. It restricts the user from entering parts of the system. These are particularly useful if the system has access to a dial up connection, either to access an e-mail provider or the Internet, as things can be downloaded and can cause havoc with the system if they contain a virus etc. Firewalls also can control incoming call ID's to the system and can block ID's if they don't fit into a pre-specified category, which prevents computer 'hackers' from gaining access to the system. ...read more.

Conclusion

However all employees have knowledge of the Data Protection Act and therefore are preventing themselves from getting persecuted. I did expect them to use virus protection on their computers and the fact that they didn't means that they were easily susceptible to viruses that would have distorted their data. I strongly recommend that they get an anti-virus program to protect themselves. The following is a list of the advantages to the software security system currently in operation at Riverside: * It is legal and understands the laws that are applicable to them and the use of the data that they possess. * The password system prevents any unauthorised access to the system unless one of the employees tells of their password. * If an employee tells this, it is easy to pinpoint who has done it as their area password would have been used and it can be tracked. * It recognises the use of freeware/shareware can be damaging to the system. * The hierarchy system only lets top management view the most secure documents. * Cost effective The system also has its downfalls; here is a list of the disadvantages to the system. * No virus scanner was in use, leaving them open to viruses transmitted from the Intranet, LAN or Internet. * No encryption of data was being used and therefore important data may be viewed by unauthorised people whilst in transit between destinations. * Firewalls were not in operation therefore the door to untrained employees is left wide open to access potentially damaging parts of the computer's hard drive or Internet. * Cost effective but not secure enough to prevent data being exposed. This concludes the case study on Riverside Ice and Leisure and it's security systems. The recommendations for a new system are shown with the analysis of the systems and these may well be put into place by Riverside in the near future. The evidence I used to put together this case study is shown in appendices on the next page. ?? ?? ?? ?? Claire Wyatt 7221 ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our AS and A Level Computer Science section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related AS and A Level Computer Science essays

  1. Marked by a teacher

    Case Study. LEGAL ISSUES-: Data Protection Act. Whiteman Leisure must ensure that the information ...

    This also becomes their responsibility under the Data Protection act to ensure tight security measures are taken on board, such as setting up a firewall or encrypting systems to prevent hackers gaining access into their network. This factor should not be taken lightly as personal data such as customer?s bank

  2. Peer reviewed

    Networking Diagrams and Case Study

    3 star(s)

    Firewall ? If it?s an application firewall it works on layer 7 and it has access to the network layer (layer 3) 7. Server/Proxy Server ? As it can be software, it can work on the application layer (layer 7)

  1. What is transaction processing?

    Through the development of virus protection software that can automatically scan incoming and outgoing mail for suspicious contents the risks of infection are minimal, on the condition that the software is constantly updated. Still a minimum risk applies as thousands of new viruses and Emailing worms appear and time to

  2. With diagrams compare and contrast the relative advantages and disadvantages of digital transmission over ...

    It accepts the input from each individual end user, and generates a signal on a different frequency for each of the inputs. This results in a high-bandwidth, complex signal containing data from all the end users. At the other end of the long-distance cable, the individual signals are separated out

  1. Discuss the relationship that exists in the UK between the legal rules that govern ...

    committees, the roles of chairmen and chief executives, the proportion of non executives and many other matters. The Combined Code is compulsory for all UK listed companies however compliance with the principles is not mandatory but non compliance must be stated and explained in the reports.

  2. ICT Sample Work Welcome Centre Requirements

    Chris is more of an advanced user, and can do all of the above to a more complex level, as well as use graphics and multi-media packages for design work. 6. What hardware and software do you have at The Welcome Centre?

  1. Smart Card System

    Enforcement of the policies governing resources use. There are varieties of ways involved when policy is concerned. These depend on the hardware being setup and the operating system handled them. Lock-and-key provides the same benefits as access control lists. However, lock-and-key also has the following security benefits over access control lists.

  2. BTEC National in IT Organisational systems security - Policies and guidelines for IT security ...

    Your security procedure should include things such as; never turn off your firewall, don't share you password, don't leave your PC unattended and logged in. Scheduling of security audits: A security audit is a technical assessment of how secure something is, be it physical, hardware, software or data security.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work