• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
Page
  1. 1
    1
  2. 2
    2
  3. 3
    3
  4. 4
    4
  5. 5
    5
  6. 6
    6
  7. 7
    7
  8. 8
    8
  9. 9
    9
  10. 10
    10

Threats to Data

Extracts from this document...

Introduction

Threats to data Introduction In the 21st century, information itself is a highly valuable commodity, and has time has passed and continues to doe so its value will continue to go up as our world becomes more and more reliant on Information Communication Technology. This change can be seen as very good and helpful but at recent times the threat towards our information has become a hindrance, almost a barrier in our everyday lives. In fact you will be very surprised at the length some people will go to get personal information about others. The majority of organisations hold personal information about others either legally or illegally these are also known as data controllers. Threats to data can come from both inside an organisation as well as outside and a company must invest in protection from both of these sources of threats. Data is too valuable to the company to risk losing it! There are many threats to data and can come in different forms based on the medium in which the data is stored. Data stored electronically and over an online transaction can be damaged by potential threats Potential threats to data: ? Data interception ? Unauthorised access to stored data (Internal/external) ? The integrity of information ? Accidental loss or damage ? Physical threats Data interception Data interception describes the process in which data can be accessed through the internet by gaining access to something called an ISP, all data that travels through the internet is directed and routed through ISP's, so this is an obvious option for unauthorised collection of data. Unauthorised access to stored data Where a company hires people to sort and manage customer data, it is possible employees could have agendas to make money by collecting private customer data such as email addresses or phone numbers to be sold to third parties that require such data. The integrity of information If the language or method data is presented, it can be wrongly read therefore wrongly recorded; this can result in a distortion of data. ...read more.

Middle

This would mean a secured area with access provided by a lock. The sophistication of the key would depend really of the perceived value of the information held. Full biometric locks involving retina scans or DNA analysis may be a little over the top for a transactional website whose restricted area would probably be protected by a key pad with a regularly changed code. However, fingerprint locks are now relatively cheap and are becoming more common. User ID's and Access rights Most computers, especially networked computers, provide you with the ability to use access rights. The basic idea of access rights is to only allow access to data to those people who need it. Different people would therefore be allowed to access different bits of data depending on their job. In order to do this then each person must be identified by the computer system. This is done by assigning a user ID to each person and using this to say which bits of data they can have access to. No one is allowed to sign on to a computer system unless they provide a valid user ID. Of course as long as they provide a valid user ID the computer doesn't actually know that it is that person signing on so most systems require you to provide a secret password as well. Encryption Data is stored on a computer using a series of zeroes and ones called binary. These are organised into groups and codes, for example ASCII, are used to store numbers and letters. These codes are well known so if a hacker gets to look at your data then it is fairly easy to find out what it says. If encryption is applied then the data stored is scrambled by an algorithm (a series of instructions and calculations) so that what is stored looks like gibberish. If a hacker then gets at your data he would find it difficult, under these circumstances, to translate it. ...read more.

Conclusion

There are three levels of offence which are. 1) Unauthorised access to computer material This is the lowest level offence and covers finding or guessing someone's password and gaining access to their files just to look at the data it contains. Even if no damage is done this is considered an offence and can carry the penalty of up to 6 months in prison or a fine or both. 2) Unauthorised access with intent to commit or facilitate commission of further offences This builds on the previous offence in that the information gained by the unauthorised access to someone else's data is used to commit a further offence. Maybe using their details to access a service you would not normally be available to you. The penalty for this is up to 5 years imprisonment or a fine. 3) Unauthorised modification of computer material This part of the act covers viruses and the deleting or altering of files with intent to impair the operation of the computer. Accidental deletion or corruption of files is not covered by this part of the act and again the penalty is five years imprisonment or a fine. The effectiveness of this act is questionable. If a hacker is prosecuted under the act then that may be one less hacker and it may be that it provides a warning to others. Unfortunately there are lots of hackers and a hacker can only be prosecuted after they have done the damage which is of little comfort to the victim. Also to prosecute a hacker you have to find them and although the source can often be traced via an IP address it can be difficult to pinpoint if the path is complicated. Also hackers could use internet cafes to do their damage making them more difficult to trace or they could be in a foreign country which doesn't cooperate with our police. The act is useful in that it makes misuse of computers illegal but there are many hackers and virus writers but few prosecutions. Source: www.HMSO.gov.uk ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our AS and A Level Information Systems and Communication section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related AS and A Level Information Systems and Communication essays

  1. Marked by a teacher

    Database Coursework on a Vehicle Rental System: Analysis

    5 star(s)

    This can take upwards of ten seconds each time, which may not sound like a lot but if we feed this into the equation 10*n*365, n being the number of times a record is searched for every day, we discover that large numbers of hours are wasted per year simply searching for records!

  2. Marked by a teacher

    E-Commerce Laws and Legislation - The Data Protection Act

    4 star(s)

    In the past the fact that cookies were not blocked on the web browser by default was considered a way of gaining consent, but as most shoppers do not understand what cookies are or how to block them websites now have to display a notice informing the user that cookies

  1. Marked by a teacher

    Assignment A: Analysis of Transactional Website

    3 star(s)

    The only problem when searching like that is that it brings up to many hits which means that it is hard to find a specific item, but is good for a wide range of products relating to a certain sport.

  2. ict as level coursework

    If you change your mind and want to do something else click the 'go back to main menu' button. Or if you want to completely stop the system at any point click the 'exit' button. This will disable the system completely.

  1. IT Security Threats to Users and Businesses.

    Malicious damage (internal and external causes) Malicious damage is unpredictable and therfore cant really be prepaired for but means that the employer will have to be careful and think about who he is employing. The damage can be caused if a disgruntled employee is getting revenge on the business afater

  2. Data Processing Task. Mr Peters, the man who runs this particular Samsung store ...

    customer Unique Primary Key BusinessID Number Long Integer A unique one or two digit code to represent a business Presence Check VAT Text 20 The value added tax to a particular order Presence Check Order Date Date/ Time The date the order was made by the business Presence Check Delivery

  1. BTEC IT Organisational Systems Security - outline of potential threats to an online business.

    External: This means that damage has come from outside the organisation. This may still come from an unhappy employee but it may also be by someone looking for self-gain or satisfaction or even a competitor company. These threats may include but are not limited to, virus attacks, phishing and identity theft, forging data, hacking, theft and industrial espionage.

  2. Businesses now have to take certain precautions to ensure theirs and customer data is ...

    This is known as hacking, these criminals can then use this personal information to sell to other criminals, this usually happens internally within a company so they must always make sure their employees are aware and take notice of anything they think may be a threat to someone?s data.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work