Internet security

Security Issues and Legal Constraints of Websites

How might someone obtain information about another person on the ? Identify a website where this may happen.

Users can easily obtain information from unknown people online such as by viewing at their profile where their contact details are sometimes their bank details are too.

These websites are MySpace and Facebook which are all popular for the users because they are social network group. When people give information about them self online, they make it easier for hackers to find people offline. So people should think carefully about who they give out their address to, what their phone number is or which school / job they go to.

What potential security issues could this access cause?

The potential security issue caused are that they can see people details which may include their full name, date of birth, address and even their bank account. When hackers steal information about the person they often target steal money of that person. For example if the hacker gets enough details about the person, the hacker may be able to apply for credit card or a loan the name of the owner. After the hackers have taken off with the money, this could result to the person left with bill and bad credit rating. Another example is, a person is a planning a party and post details on his MySpace page which includes his address. On the day, a stranger shows up uninvited, gatecrashes the party and destroys his house. This could happen when person gives full details about themselves online.

Which law is in place in the UK to enforce how personal data is used?

The current UK legislation covering data held about living individual people is the data protection 1998. This Act is a law designed protect people privacy so that data cannot be misuse.

Organisations that stores personal data must take by certain rules:

They must protect the data from unauthorised access.
-they must not pass on the data to other organisations without the individual’s permission.
The data they hold must be accurate and up to date, and must not be held for longer than ...

This is a preview of the whole essay

Which law is in place in the UK to enforce how personal data is used?

The current UK legislation covering data held about living individual people is the data protection 1998. This Act is a law designed protect people privacy so that data cannot be misuse.

Organisations that stores personal data must take by certain rules:

They must protect the data from unauthorised access.
-they must not pass on the data to other organisations without the individual’s permission.
The data they hold must be accurate and up to date, and must not be held for longer than needed.

What must a site like .hsbc.co.uk do to comply with this law?

HSBC must comply with the law data person act 1998 such as they keep personal details secure, in all circumstances. This means that organisations cannot use the data people give to them and used it for themselves. For e.g. a member of HSBC send an email to them. The company cannot use email but replying to person who bellowing to.

By what methods could a hacker infiltrate a commercial web site like ?

Hacker can infiltrate HSBC website by using other people user name as they have their information. Hacker can send key locker to users by email which is a program that tracks what users do on their computer. E.g. when user’s log into their HSBC website account this will automatically transfers to the hacker’s computer with all bank details of the user’s.

How can websites minimise security risks to their users and data?

Before Companies design websites they have to make sure that their computer’s system is install security software. Which prevent hackers accessing the pc network so that they cannot steal people’s data such as credit cards.

Firewall: Helps to keep computer more secure. It restricts information that comes to company pc, from other pc users by network. This will give company pc more control over data on their pc and providing a line of defence against hackers or unwanted software that try to connect to companies’ pc by network and stealing data.

The company should use a strong password on their network so that hackers cannot easily guess the password.

The companies need use encrypted which is a way of making data unreadable to expect the receiver.

What can users do to minimise security risks when online?

Users should use software protections before going online to prevent attacks from hackers or unwanted viruses which could result the PC stop responding.

Antivirus: Is a software helps protect users against viruses. Anti virus scan hidden viruses in an email messenger or web page which could damage the computer system. Anti virus helps disable the virus and prevent it from damaging user’s computer. So that users can surf the website safely without worrying about fraud or being attack by viruses or other threats.

Spyware: Is software that hides itself somewhere on pc users collecting information about users and what they do on the internet. Users can remove spyware by installing software like Adware that will scan user’s pc can remove the unwanted spyware.

Firewall: Is software that prevents unauthorised come into user’s network. So that cannot steal people privacy.

Unit 21: Website Production and Management