Monday, October 28, 2019

Importance of Data Security and Data Safety Essay Example for Free

Importance of Data Security and Data Safety Essay To prevent companies from using or passing on confidential information to other companies without the permission of the person who the data is about, companies will need to protect the data. With the popularity of the Internet there are opportunities for thieves to steal their personal data. So the government set a law (data protection act) which is used to protect peoples rights concerning how data is used and you also have the right to see such information and have any errors corrected. Also organisation will want to keep data confidential because it will not want its competitors to know how the business is going. List the 8 principles of the Data Protection Act The Data Protection Act says the personal data should: 1. Be adequate, relevant and not excessive. For example college should keep students details and details must be just what is needed and nothing more. 2. Be processed in accordance with the data subject right. For example the person that the data refers to have the right to read the information about him/her and the organisation should provide hem/her with information they need. 3. Be accurate and be kept up to date. There is a duty to keep it up to date, for example to change an address when people move. 4. Not be kept longer than necessary. For example it is alright to keep information for certain length of time but it would be wrong to keep information about past customers longer than a few years at most 5. Be obtained and processed for limited purposes. For example the organization must use the data only in the way it is described and it must not use it for any other purpose. 6. Be secure. This includes keeping the information backed up and away from any unauthorised access. It would be wrong to leave personal data open to be viewed by just anyone. 7. Not be transferred to countries outside Europe without adequate protection. Unless the country that the data is being sent to has a suitable data protection law 8. Be processed fairly and lawfully. For example if you put your money at bank no one can transfer your money without your permission. (a) What is the difference between the Internet, Intranet and Extranet? (P8) Internet: Are public networks that allow the user to use any of its facilities. Intranet and Extranet: is like a private internet. It is like a website that is only accessible to the members of a business or company. The different between Intranets and Extranet is: Intranet: Allow the members of organisation to access the access the system with an organisation. Extranet: Allow the members of organisation to access the system from different location but only by the users who have been given access rights. (b) * What is a browser? Is programme that can read web pages, by downloading HTML code and that allows the browser to interpret the code to the web page. A browser displays web pages, keeps track of where youve been, and remembers the places you want to return to, the most used browsers are Internet Explorer and Netscape Navigator. * Describe the role of a browser when using the Internet, Intranet and Extranet Browser allows the people to access information, view images, hear music and watch video, in the term of intranet and extranet the browser allows user to share documents, access databases and allow group work. * Describe the role of email when using internet communications. You can send email to an individual or to a group of people at the same time, you can create mailing list so that you can write a message and send it automatically to number of people. Also you can send files such as pictures, word document and sound as attachments to your message. (a) List major threats to an organisation that could happen while using the Internet. (P9) 1. Hacking (use to steal the personal details and private files of company) 2. The spreading of viruses (use to destroy or damage the important files of company) 3. Internet fraud (taking credit card details from customers) 4. Spay ware (is biggest threat in the computer system which allows someone to log into your computer and use it for their own purpose) 5. Spam ( sending unwanted messages especially commercial advertising) Purpose of assignment In this assignment, I have to do research and get information on the importance of data security and data safety. M research must be from ICT sources and non ICT sources and by using the evidence that I collect I should explain the importance of keeping customer information confidential, the main provision of data protection act, the role of browsers and email in internet communications, the difference between internet, intranet and extranet, the major threats to organization from internet and finally a poster that explains the importance of data safety and data security. The assignment will also gather key skills portfolio evidence. M5 Physical Security: Use of security guards, locks, reinforced doors, windows and walls depending on what is being protected. Use of ICT to enforce security entry on doors, and protected areas of buildings i.e.: swipe cards, fingerprint ID, voice recognition. Firewall: This is a security device, which acts as a single entry/exit point for information and access to a computer system. All traffic must pass through the firewall and therefore a system is secure from external threats. A firewall usually sits between the internal network of an organisation and access by the internet. Virus Protection: It is usual for systems to have some form of anti-virus software installed and running in the background. All files and devices introduced to the system would be scanned, any attempts to alter system files would be blocked, and notification made to the user/system administrator. Preventing the use of floppy disks is a good method of eliminating one source of potential virus problems. Identification of Users: A system of user IDs and passwords is a simple method of preventing unauthorised personnel accessing the system. These should be managed by the system administrator. With this, only some users will have access to certain programmes and data therefore increasing the level of security on sensitive data. In addition, some users may only be able to read the data and not write the data. Other users may not have the ability to delete or even to access certain files. Encryption software: the data may be encrypted (coded) into a form, which can only then be decoded by the intended user. If the data falls into the wrong hands, it will be meaningless. Backups: To guard against the loss of data, backups should be regularly made. These backups should be stored in a separate place, preferably in a fireproof environment. Passwords software: Password protection usually involves a person typing in: * A User Name to identify the person. * A Password to identify the person. He should be the only one to know what it is. Computer viruses: which are programs that destroy the way computer operates without the knowledge of the user, there are huge numbers of viruses some are extremely malicious with the ability to delete or damage files and programs. Some of the threats that they cause to computer systems include: * Deleting data on the hard disk of the organisation computer system. * Enabling hackers to hijack the organisation system and use it for their own purposes. How do viruses spread: * CDs and floppy disks containing infected documents. * Emails containing infected attachments. Hackers: who gain unauthorised access to computer systems for the purpose of stealing and corrupting data, also gaining access to financial information about the organisation business or their customers for the purposes of fraud. Security measures may include * Each user should be given a user name and a password. * Computer usage may be logged. * Computers should be disconnected from a network when not in use. * Use a firewall a computer running software, which detects hackers dialling in to a network. Spam: authorised users downloading a web page or receiving an email with hidden active content that attacks the organisation system or send sensitive information to unauthorised people. Organisation can stop spreading of spam by using spam filtering software Spy ware: is software that is placed on organisation computer when the employee visits certain websites, it is used to secretly gather information about the organisation usage and sends it back to advertiser or other interested company to tracking the organisation system use .it can also slow down or crashes the organisation computer Pop up: Many company advertisers on the Internet by using windows that pop up in the middle of computer screen to display a message. They might also open when you click a link or button on a Web site, and they might open either over or under the window, you wish to view. Some pop-up windows can contain inappropriate content or can be a way for employee of organisation to accidentally download dangerous software (called spyware or adware) onto organisation computer. Infringement of copyright: Internet users are not allowed to copy or print some internet materials such as; video, music, files and photos without the permission of copyright holder and sometimes they may have to pay a licence to do so. Theft and fraud: credits card fraud for example people can steal the details on credits card and using them illegally to buy goods Sole trader: A sole trader is the actual owner of a business, a sole trader also has unlimited liability. All the debts of the business are the debts of the owner. They can not issues shares .The whole meaning behind Sole means that she/he does not have partners. (e.g. electrical repair, picture framing, photography, diving instruction, retail shops, and hotels) Partnership A Partnership can be liable for all debts, it is easy to setup, but is also inexpensive to form. Forming partnership requires an agreement that is some times called partnership agreement between two to twenty individuals which entitles them to jointly own and carry on a trader business together. A partnership is a contract between two or more persons who agree to pool talent and money and share profit or loss. Private limited company A Private limited company has limited liability (the shareholders cannot loose more than their original shareholdings), and a minimum of two shareholders and a maximum of fifty shareholders. It cannot offer its shares to the public. A private limited company is treated as a legal entity. Public limited company A company which may have an unlimited number of shareholders and offer its shares to the wider public. (e.g. Cadbury and Tesco) Multi-National company A company that does business in more than one country, usually by setting up branch offices. Tesco Characteristics * Type of company: Tesco is an international retailer and is a publicly owned company (Public Limited Company Plc). * Products: including food and non-food business, personal finance, internet shopping, electrical items, home entertainment, toys, sports equipment, and many more. * Profit / loss: Tescos Profit and Loss 2005 2004 Sales at net selling prices 37,070 33,557 Turnover including share of joint ventures 34,353 31,050 Less: share of joint ventures turnover (379) (236) Operating profit/(loss) 1,949 1,735 Share of operating profit/(loss) of joint ventures and associates 130 97 Net profit/(loss) on disposal of fixed assets 53 (9) Profit on ordinary activities before taxation 1,962 1,600 Underlying profit before net profit/(loss) on disposal of fixed assets, integration costs and goodwill amortisation 2,029 1,708 * Size of company: Tesco operates 923 stores and employs 240,000 people , there are 639 branches in Great Britain and 182 in the rest of Europe * Location: they operate in UK, Hungary, Poland, Czech Republic, Slovak Republic, Thailand, South Korea, Taiwan and the Republic of Ireland * Purpose of company: to create value for customers to earn their lifetime loyalty. * Aims: Built good non-food sales expanded into retailing services and exploited e-commerce successfully. * Objective: 1. To deliver a consistently strong customer offer. 2. Making their shopping trip as easy as possible. 3. Constantly seeking to reduce their prices to help customer spend less. * Logo: Cadbury Characteristics * Type of company: is an international retailer and is a publicly owned company (Public Limited Company Plc). * Products: chocolate and drinks brands. * Profit / loss: Cadbury Profit and Loss à ¯Ã‚ ¿Ã‚ ½ (Millions) 2006 à ¯Ã‚ ¿Ã‚ ½ (Millions) 2005 Turnover 6,508.00 6,085.00 Operating Profit / (Loss) 1,003.00 825.00 Net Interest (188.00) (205.00) Pretax Profit 843.00 642.00 Post Tax Profits 703.00 497.00 Total Dividend Paid n/a n/a Retained Profit / (Loss) for the financial year n/a n/a * Size of company: they operate in more than 35 countries and they employs over 55,000 people * Location: Americas, Europe, Middle East and Africa and Asia Pacific. * Purpose of company: the organization work together to create brands people love. * Aims : 1. Deliver shareowner performance. 2. Ensure their capabilities are best in class. 3. Reinforce reputation with employees and society * objective: 1. Responding to consumer needs quickly. 2. Grow shareowner value. 3. Attract and develop the best kind of people.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.