Security and Integrity of Data

Protection from hackers and viruses

There are a large number of ways in that an organisation can be protected from hackers and viruses:

· Using anti virus software – There are a lot of different anti virus programs available, which when loaded onto your computer can scan the memory and discs for any viruses that could be potentially harmful to your computer. The software would then remove any viruses found. However it is important to regularly update your virus software, as new viruses are being discovered all the time which old pieces of software may not be programmed to check for.

· Stopping people downloading files/placing files from discs onto the hard drive of the computer – This would be a very effective way of preventing viruses, as no unauthorised or potentially damaging software would be allowed onto the computer, as long as people did keep to the rules.

· Backing up the system daily – This wouldn’t necessarily stop viruses within the system, but in the event of the system being destroyed then it would be easy to quickly replace everything that has been lost as it would be backed up on discs.

· Have one stand alone PC where discs can be checked for viruses, therefore if there happens to be a virus on the disc it will only affect the one PC and not bring a whole network down.

· Using user names and passwords that are unique. Therefore nobody would be able to access the system without authorisation since they would not know these pieces of information.

· Setting up a firewall on the system. This is a device that would monitor the ports of your computer and block unauthorised access. It can keep track of all data that enters or leaves your network, and even stop this data from doing so, therefore if you did get a virus on your computer you would have monitored when it was received and where it came from.

Backing up data

Data needs to be backed up regularly. This is so that if the data is ever lost due to a virus, or accidental deletion, loss or corruption, it can easily be replaced. This would save a lot of time in re-producing all of the lost data, and if data were backed up every evening then it would only be one days work maximum that would ever be lost in the event of one of the above happening.

Even if your PC is password protected it can still be hacked, and files lost this way as many programs make this process very easy.

You can help to keep your data safer by backing up data every time you save a piece of work. You can back up data onto either floppy discs or if you have a CD writer, onto CDs. If you back up onto re-writeable CDs then you can overwrite these backups once you add to your work.

Physical safeguards

Some of the following physical safeguards could be used to look after data:

· Files locked away/discs kept in a locked room

· Write protect floppy discs, this involves moving a small tab so that data cannot be written onto the disc.

· The small tab that is on tape cartridges can be snapped off which will prevent data from being over written.

· The computer could be password protected so that nobody without the correct password would be able to use the computer

· Peripherals such as the mouse or the keyboard could be removed, which would prevent anybody from using the machine unless they had spares with them, which would be unlikely.

Safeguarding the network

An organisation could safeguard its network from who used it by:

· Using firewalls – These could be used to stop data coming into and going out of the network. Therefore hackers would not be able to gain access to the network, as the firewall would stop them.

· Give every person that is going to use the network a unique username and password. Then anybody that didn’t know the passwords would be unable to gain entry to the network. Also the server administration could allow different people access to different things throughout the network to limit and track damage that could be done.

Passwords

Passwords are used to limit who can gain access to a computer. For a password to be effective it would have to be changed regularly and be difficult for another person to guess. However there are programs that can guess passwords very quickly through word lists that are programmed into them. To combat this the number of attempts there can be at entering the password can be limited.

For example, on the school network each pupil has a separate folder with a unique username and their own password. If anybody tries to gain unauthorised access to a folder placed on the network they would first need to know a username, and a password that goes with it, finding these could be a difficult task.

Integrity of data

Data can become inaccurate in some of the following ways:

· Mistakes in collecting data

· Transmission errors – These types of errors would occur when data, which has been sent from one device to another, is changed during transmission due to a hardware failure. For example files being sent across the Internet from one computer to another may become corrupt through sending, which would render them unusable.

· Read errors – When data is misread.

· Transcription errors – These are errors that are made whilst the data is being entered, for example people simply making a typing error and not realising.

The consequences of inaccurate data could be that, in the example of a company such as a bank having wrong data, their customers becoming annoyed, and the company losing money. The company could also be arrested under the data protection act.

Verification, validation and input masks

Verification is when a human, through proofreading, checks data. You can do this in several ways:

· Proof read the work on the monitor or on a print out

· Check work on a monitor/print out with a manual copy

· Get somebody else to check the work for you.

· Two people typing in the same data, and if the data is the same it is accepted for processing. The only drawback to this is the unlikely event that the two people actually make the same mistake, and the wrong data is inputted.

The advantages of verification are that data is less likely to be inaccurate. For many companies such as banks, data being accurate is crucial.

However, it does take time to check all the data, and in cases such as having two people entering the data, this is using another person that could be doing other more important work, and two wages need to be paid which would lose money.

Validation can be used in a database, where you set up the fields in a database so that only certain information can be entered. It’s a check by the actual computer program and makes sure that the data is allowable.

There are many different checks that can be performed:

· Character type check – This check will make sure that the correct characters are entered into the computer.

· Length check – Where the length of the word that has been entered is checked, and if this is incorrect an error message is displayed. For example when filling in a form, if the question “what sex are you” was asked, there are only two possible answers, male or female, so we know that the maximum number of letters that could be entered into this field would be 6.

· Range check – You can perform this check on number, to make sure that they are within a certain range. For example, upon entering peoples ages, there are not likely to be any people older than 130, so you could set it up so that this anything higher than this number could not be inputted.

· Presence check – When a code is entered that checks if there is actually something in the field. This would be used in a field which must have some data entered into it, such as a primary key field which would define each entry into the database.

· List check – This only allows certain data to be entered. For example, “Title.” We know that there are only a certain amount of titles which could be entered, Mr, Mrs, Miss, etc. So we could enter them all into the computer, and if anything else was entered an error message would be displayed and the data could not be entered.

The advantages of validation:

· There is less chance of making typing errors as the computer checks all your data for you, and you do not have to look through the document so carefully for errors, therefore this is a timesaver.

Disadvantages:

· Validation rules can take a little time to set up.

· They also do not guard against typing errors completely.

Input masks allow you to actually design the way that data should be entered into certain fields. Data can be entered exactly how you wish it to be, with capital letters, or brackets, or percentage signs.

The advantages of input masks are that:

· They allow data to be entered quickly, you would not have to keep pressing the shift key for capital letters if you set up input masks to capitalise in certain places.

· All of the data will be accurate and consistent, providing you set up the input masks correctly, as the input masks will make sure that all of the data is the same.

· You do not need to waste time checking all of the data, as it is certain that it will all be correct.

The disadvantages of input masks are:

· When entering names, you could set it up so that the first letter of the 1st name, and the 1st letter of the surname are capitalised. However when it comes to names such as McHugh, the check would not allow the third letter of this name to be capitalised.

· Like validation rules, they can take a considerable amount of time to set up; time that could be better spent doing other things.

The following characters can be used to set up input masks.

0 – A number required

9 – A number optional

L – Letter must be entered

? – A letter optional.

> - A capital letter

< - A lowercase letter

If you wanted to set an input mask up for a postcode, you would do so in the following manner:

An example of a postcode may be CW5 6JY.

The input mask for this would be LL09 0LL

The “Ls” for capital letters, and the 9 would be there since some postcodes do have an extra number on the end, but not all therefore the number would be optional.