Security
Introduction
Organisations need to be proactive in dealing with security risks such as:
Having a policy for handling sensitive data
Procedures for reporting security incidents
Making staff aware of their responsibilities with respect to information
security
A company's security policy may include:
an Acceptable Use Policy (AUP)
a description of how the company plans to educate its employees about
protecting the company's assets
an explanation of how security measures will be carried out and enforced
a procedure for evaluating the effectiveness of the security policy to
ensure that necessary corrections will be made
Acceptable Use Policy (AUP)
A user must agree to follow this in order to be provided with access to a
network or to the Internet
An Acceptable Use Policy (AUP) might include:
Not using the service as part of violating any law
Not attempting to break the security of any computer network or
user
Not posting commercial messages to groups without prior
permission
Computer Related Privacy Issues
A password is an un-spaced sequence of characters used to determine
that a computer user requesting access to a computer system is really
that particular user
A password is typically 8 or more characters long
With letters, number and special characters as well as lower and upper
cases depending on the system set up
Passwords are case-specific/case sensitive
Password hints
Don't pick a password that someone can easily guess if they know who you are
(for example, your National Identity Number, birthday, or maiden name)
Do not pick a word that can be found in the dictionary (since there are
programs that can rapidly try every word in the dictionary!)
Implications of theft of a laptop or mobile phone
Misuse of confidential files
Loss of files
Loss of important contact details
Possible misuse of telephone numbers
Privacy is infringed
Misuse of personal information
Access to social media space
Access to confidential communication email and such like
Different types of ‘virus’
Generally, there are three main classes of viruses:
1.
File infectors
2.
System or boot-record infectors
3.
Macro viruses
Real names of ‘viruses’
1.
Trojan horse
5. Malware
2.
Worm
6. Adware
3. Ransomware
4. Spyware
Virus Point(s) of Entry
As a file attached to an e-mail message
Via instant messengers
On an infected flash
As a download via the internet
Hackers
Anti-virus measures
Do not open e-mail attachments unless they are from a trusted
source
Install a firewall program
Buy anti-virus software that can screen e-mail attachments
Computer Hacking
Ethical hacking
Black hat hackers
Online security challenges
Sniffing
Spoofing
Snooping
Phishing
Social engineering
How to improve security
1. Intrusion Detection Systems (IDS)
2. Intrusion Prevention Systems (IPS)
3. Firewalls
Computer
Health and
Safety
(Ergonomics)
Good Working Environment
Appropriate positioning of monitors,
keyboards and adjustable chairs
Use of a mouse mat
Common health problems
Injuries to wrists caused by prolonged typing (Repetitive Stress Injury - RSI)
Eye strain caused by screen glare
Back problems associated with poor seating or bad posture
Psychological challenges
Safety precautions
Make sure cables are safely secured
Ensure power points are not overloaded
Proper lighting
Taking of breaks
Safe distance from screen
Ethical
considerations
Understand software copyright
Copyright issues apply to:
Computer software
Graphics
Text
Audio
Video
Facts themselves are not copyrighted, but
how they are presented on a website is
Software
Shareware
Freeware
Open source
Group Exercise
You have been invited to give a presentation. Discuss how you would
demonstrate and enhance your credibility as a speaker.
[10]
Demonstrate the structure of the following documents employed in
organisations: Report, Press Release, Memoranda, Circular, Notice [15]
Work in groups of not more than 3
Submission:
Word processed document and PowerPoint slides
0
