Information Security
Information Security
Intro
Information
security is the security of data and keeping it safe, both physical, software
and networking measures are taken to prevent secured data from being
compromised. Compromised information can result in a huge loss in money to an
organisation, for an individual it could even be harmful if personal data details
were compromised. It is also breaking the law as the data protection act 1998
was put into place to provide legal rights to anybody who has stored
information about them.
Confidentiality
Confidentiality
All
data Is confidential. Therefore, any college employees who are responsible for
the data must never speak or share the data they have seen as it breaking the
law. If they spoke or used afterwards then they would be charged for the same
offences as stealing the data in the first place. If you were ever in a
position where you need to use information of somebody but yourself then you
must delete any evidence if it was written down and prove that you no longer
have that information so you are never held as a liability for that
information.
Data Integrity
Data integrity is the responsibility of keeping data accurate, true and up to date, if you written false information about somebody on their record then you’d be supplying false information about somebody which could affect them later in life. You should always check that what you write about somebody is correct, proof read it over to make sure that there are no errors or mistakes, as if there was then you would be held liable for the data integrity of that person and it could result in criminal offences and getting fired from/kicked out of college.
Data integrity is the responsibility of keeping data accurate, true and up to date, if you written false information about somebody on their record then you’d be supplying false information about somebody which could affect them later in life. You should always check that what you write about somebody is correct, proof read it over to make sure that there are no errors or mistakes, as if there was then you would be held liable for the data integrity of that person and it could result in criminal offences and getting fired from/kicked out of college.
Access to data
Data
access is put at all clearance levels for all different reasons, the college
visitors may be able to access so much of the college faciality’s with the
students allowed that little bit more, even the college tutors will not have
the same clearance levels as other tutors, as they do not need to be accessing
the files that others of access will. You should never try and access data that
is restricted for you to use as it will be breaking data protection acts and could
end up facing criminal offences and if you on a system which has higher
clearance than yourself then log off/remove yourself from that system
immediately so that you are not held liable in case any future problems occur.
Malicious Damage
The
impact of malicious damage towards the college computer systems is very cost
effective, just a single broken computer system can be up to hundreds of pounds
cost of repair. If there was malicious damage towards a whole classroom it
would end up costing in the thousands. Which puts the college in financial
positions and means setbacks on other essential college needs. The impact of
malicious damage to a server network could affect the data stored over that
network majorly putting the student’s data and documents at risk.
By
using cloned hard drives, backups and other disaster recovery options you can
prepare for a malicious damage attacks, by regularly backing up your data if
there ever was a threat then up you can recover or back up the data from the
last set restore point and backing up externally with a cloned hard drive at
least if the college systems were stolen, then the cloned hard drive could
replenish the data from its backed up drive, which at least prevents you from
losing all your data and information in case of a malicious damage threat.
Hardware Threats
The
impact of hardware that has been broken or stolen is both a risk of stored data
being stolen and later being misused for law breaking reasons and the cost to
repair to system units if there is any hardware that has been stolen then this
can be an information security threat as the thief could access data if
they then have the hard drives. To protect yourself and the college from having
the data leaked it’s best to invest in the best software measures such as
encryption and passwords to at least prevent the thief’s from breaking into
stolen systems.
Threats related to e-commerce
The
impact of information security affecting e-commerce could range from the
websites databases being leaked leading to signed up users having personal
secure information running the threat or being used or stolen. Luckily colleges
usually don’t have a database for payments such as bank account details but the
students will have an online submission box to upload their work on which could
also be affected by hackers.
Counterfeit goods
Counterfeit
goods run the risk for information security threats as the information would
end up lost if the data has been entered on a counterfeit system or on
counterfeit software. This could lose data for the users and may be unable to
ever recover back resulting in wasted time and frustration. Then also having to
replace the system/software will cost the college even more money.
Technical Failure
Technical
failure runs the same risk of hardware failure and counterfeit system/software,
if there is technical failure then the information could be lost. Often
resulting in problems trying to recover the information. To prevent information
from being lost it’s best to always save the work after completing sections
onto a portable storage device like a memory stick then if at any work is lost your
information is still secure on a portable device.
Human Error
Human
errors could result in being fired or criminal offences if it is to do with
information security. If you were sending an email and you entered the wrong
address and the wrong person got hold of the information you sent, then you
would be responsible for the information security breach. To avoid ever
accidentally leaking anybody’s information always double check that it is going
to the right place and that nothing is out of place as it could cost the
organisation money, or even law suits against yourself.