1.1 System Performance Security

1
1.1 System Performance Security

• Module 1 Version 5

2
Unwanted Messages

• Spam' is unwanted bulk email
• Unwanted email and other messages, or 'spam', can
  be received on the computer
• Use anti-spam software to protect the computer
  from the risk of unwanted messages

3
Malicious Programs

• Malicious programs are
• viruses,
• worms,
• trojans,
• spyware,
• adware,
• rogue diallers
• Malicious programs can enter the computer by
• USBs
• Email attachments
• Downloads

4
How to Protect against Malicious Programs

• Use anti-virus and anti-spyware software to
  protect the computer from the risk of malicious
  programs
• Remember that anti-virus software needs to be
  updated regularly
• To Protect your computer from malicious programs
  
• Do not open email attachments from unknown users,
  
• Treat
• messages,
• files,
• software and
• attachments
• from unknown sources with caution

5
Infiltration

• A hacker is a skilled programmer, who secretly
  infiltrates computers without authorisation
• A firewall helps to protect the computer against
  the risk of infiltration

6
Hoaxes

• Emails can contain hoaxes
• virus hoaxes,
• chain letters,
• scams,
• false alarms,
• misunderstandings,
• scares
• Check whether a message you have received is a
  hoax

7
1.2 Information Security

• Module 1 Version 5

8
Identity/Authentication

• Information can be at risk from unauthorised
  access
• An individual user name limits access to relevant
  levels of information when logging onto a
  computer
• Passwords and PIN numbers help to protect
  information from the risk of unauthorised access
  
• You should change your password/PIN number
  regularly
• Passwords should have a minimum of 6 characters
  and include a mixture of letters and numbers
• E.g. speaking753clock
• 321Butter258cup
• Tammy147Marie36

9
Confidentiality

• A password or PIN number protects information
  from unauthorised access
• You should not share your password/PIN number
  with anyone
• Do not write down your password/PIN number
• Password/PIN numbers should be memorised

10
Confidentiality of Information

• You should respect the confidentiality of
  information you have access to
• Only disclose confidential information to
  authorised personnel or systems
• Avoid leaving your computer unattended without
  logging off or locking it, to prevent the risk of
  unauthorised access to data

11
Identify Theft

• Phishing is an email directing you to enter
  personal details on a fake website
• Inappropriate disclosure of information can lead
  to identify theft
• Avoid inappropriate disclosure of information by
  not giving personal details

12
1.3 Technology Security

• Module 1 Version 5

13
Networks

• Sharing resources and data is the main advantage
  of using a public network.
• Unsecured networks can make information
  accessible to others
• Confidential information may be sent across an
  unsecured network in an encrypted format
• Wireless networks may be visible or accessible to
  other users
• There are security risks when using default
  passwords and settings on networks, computers and
  programs as they offer a low resistance to
  Hackers
• Internet security settings should be adjusted to
  prevent the risk of access to your network by
  other users

14
Connectivity

• Bluetooth is short range wireless protocol for
  exchanging data
• Bluetooth settings should be adjusted to prevent
  the risk of unauthorised access to a Bluetooth
  device by others

15
Portable Devices

• Portable devices are vulnerable to loss or theft
  
• laptop,
• notebook,
• PDA,
• mobile phone,
• multimedia player
• USBs and other removable storage devices can
  contain valuable and confidential information
  that is vulnerable to loss or theft

16
Keeping Portable Devices Secure

• Ensure all portable and removable devices are
  stored safely and securely by
• storing small devices out of sight on your person
  or in a locked drawer
• A laptop or other larger device, should be
  secured to a desk with cable (if you have to
  leave it unattended for a short period of time)

17
1.5 Data Security

• Module 1 Version 5

18
1.4 Guidelines and Procedures

• Module 1 Version 5

19
Guidelines and Procedures

• Relevant guidelines and procedures for the secure
  use of IT within your organisation are usually
  held by the IT Department
• Always follow the guidelines and procedures
  listed by your organisation, for the secure use
  of IT
• If you are unsure of the procedure to follow you
  should contact the Systems Administrator

20
Guidelines and Procedures (2)

• Understand the IT security checks you should
  carry out, which are listed in the organisations
  security policy
• Report IT security threats or breaches using the
  channel identified in the organisations security
  policy

21
Privacy

• Know the privacy policy within your organisation
  by reading the policy in the organisations
  policy manual
• Ensure you follow the privacy policy within your
  organisation

22
Security

• Prevention of Data Theft involves
• Preventing access to data by
• using usernames and passwords/PIN numbers
• Logging off the computer before leaving the room
• Preventing theft of computers or storage devices
  by
• locking computers and hardware using a security
  cable
• storing small devices out of sight on your person
  or in a locked drawer or filing cabinet

23
Backups

• Backing up personal data and software is
  essential to prevent loss of data due to
• Accidental file deletion
• Data corruption
• Computer malfunction and subsequent file loss
• Theft of your computer
• Natural disasters like fire, flood or earthquakes
• Back up your personal data to appropriate media
  like a labelled CD or USB or External Hard Drive
• It is important to have a secure off-site backup
  copy of files

24
Storage

• Store your personal data safely
• Use a labelled storage device to backup personal
  data
• Make multiple copies of your data
• Store back up copies of personal data off-site
• Store software securely by making backups and
  storing off-site