Information Security

Information Security

Intro

Information security is the security of data and keeping it safe, both physical, software and networking measures are taken to prevent secured data from being compromised. Compromised information can result in a huge loss in money to an organisation, for an individual it could even be harmful if personal data details were compromised. It is also breaking the law as the data protection act 1998 was put into place to provide legal rights to anybody who has stored information about them.

Confidentiality

All data Is confidential. Therefore, any college employees who are responsible for the data must never speak or share the data they have seen as it breaking the law. If they spoke or used afterwards then they would be charged for the same offences as stealing the data in the first place. If you were ever in a position where you need to use information of somebody but yourself then you must delete any evidence if it was written down and prove that you no longer have that information so you are never held as a liability for that information.

Data Integrity

Data integrity is the responsibility of keeping data accurate, true and up to date, if you written false information about somebody on their record then you’d be supplying false information about somebody which could affect them later in life. You should always check that what you write about somebody is correct, proof read it over to make sure that there are no errors or mistakes, as if there was then you would be held liable for the data integrity of that person and it could result in criminal offences and getting fired from/kicked out of college.

Access to data

Data access is put at all clearance levels for all different reasons, the college visitors may be able to access so much of the college faciality’s with the students allowed that little bit more, even the college tutors will not have the same clearance levels as other tutors, as they do not need to be accessing the files that others of access will. You should never try and access data that is restricted for you to use as it will be breaking data protection acts and could end up facing criminal offences and if you on a system which has higher clearance than yourself then log off/remove yourself from that system immediately so that you are not held liable in case any future problems occur.

Malicious Damage

The impact of malicious damage towards the college computer systems is very cost effective, just a single broken computer system can be up to hundreds of pounds cost of repair. If there was malicious damage towards a whole classroom it would end up costing in the thousands. Which puts the college in financial positions and means setbacks on other essential college needs. The impact of malicious damage to a server network could affect the data stored over that network majorly putting the student’s data and documents at risk.

By using cloned hard drives, backups and other disaster recovery options you can prepare for a malicious damage attacks, by regularly backing up your data if there ever was a threat then up you can recover or back up the data from the last set restore point and backing up externally with a cloned hard drive at least if the college systems were stolen, then the cloned hard drive could replenish the data from its backed up drive, which at least prevents you from losing all your data and information in case of a malicious damage threat.

Hardware Threats

The impact of hardware that has been broken or stolen is both a risk of stored data being stolen and later being misused for law breaking reasons and the cost to repair to system units if there is any hardware that has been stolen then this can be an information security threat as the thief could access data if they then have the hard drives. To protect yourself and the college from having the data leaked it’s best to invest in the best software measures such as encryption and passwords to at least prevent the thief’s from breaking into stolen systems.

Threats related to e-commerce

The impact of information security affecting e-commerce could range from the websites databases being leaked leading to signed up users having personal secure information running the threat or being used or stolen. Luckily colleges usually don’t have a database for payments such as bank account details but the students will have an online submission box to upload their work on which could also be affected by hackers.

Counterfeit goods

Counterfeit goods run the risk for information security threats as the information would end up lost if the data has been entered on a counterfeit system or on counterfeit software. This could lose data for the users and may be unable to ever recover back resulting in wasted time and frustration. Then also having to replace the system/software will cost the college even more money.

Technical Failure

Technical failure runs the same risk of hardware failure and counterfeit system/software, if there is technical failure then the information could be lost. Often resulting in problems trying to recover the information. To prevent information from being lost it’s best to always save the work after completing sections onto a portable storage device like a memory stick then if at any work is lost your information is still secure on a portable device.

Human Error

Human errors could result in being fired or criminal offences if it is to do with information security. If you were sending an email and you entered the wrong address and the wrong person got hold of the information you sent, then you would be responsible for the information security breach. To avoid ever accidentally leaking anybody’s information always double check that it is going to the right place and that nothing is out of place as it could cost the organisation money, or even law suits against yourself.