1.1 System Performance Security Module 1 Version 5

1.1 System Performance Security

Module 1 Version 5

1.1 System Performance Security 2

Unwanted Messages

‘Spam' is unwanted bulk emailUnwanted email and other messages, or

'spam', can be received on the computer

Use anti-spam software to protect the computer from the risk of unwanted messages


Malicious Programs

1. Malicious programs are: viruses, worms, trojans, spyware, adware, rogue diallers

2. Malicious programs can enter the computer by: USB’s Email attachments Downloads


How to Protect against Malicious Programs Use anti-virus and anti-spyware software to

protect the computer from the risk of malicious programs Remember that anti-virus software needs to be updated

regularly To Protect your computer from malicious programs:

1. Do not open email attachments from unknown users,

2. Treat messages, files, software and attachments

from unknown sources with caution


Infiltration

A hacker is a skilled programmer, who secretly infiltrates computers without authorisation

A firewall helps to protect the computer against the risk of infiltration


Hoaxes

Emails can contain hoaxes: virus hoaxes, chain letters, scams, false alarms, misunderstandings, scares

Check whether a message you have received is a hoax

1.2 Information Security

Module 1 Version 5

1.2 Information Security 8

Identity/Authentication

Information can be at risk from unauthorised access An individual user name limits access to relevant

levels of information when logging onto a computer Passwords and PIN numbers help to protect

information from the risk of unauthorised access You should change your password/PIN number

regularly Passwords should have a minimum of 6 characters

and include a mixture of letters and numbers E.g. speaking753clock 321Butter258cup Tammy147Marie36


Confidentiality

A password or PIN number protects information from unauthorised access

You should not share your password/PIN number with anyone

Do not write down your password/PIN number

Password/PIN numbers should be memorised


Confidentiality of Information

You should respect the confidentiality of information you have access to

Only disclose confidential information to authorised personnel or systems

Avoid leaving your computer unattended without logging off or locking it, to prevent the risk of unauthorised access to data


Identify Theft

Phishing is an email directing you to enter personal details on a fake website

Inappropriate disclosure of information can lead to identify theft

Avoid inappropriate disclosure of information by not giving personal details

1.3 Technology Security

Module 1 Version 5

1.3 Technology Security 13

Networks Sharing resources and data is the main advantage of using a

public network. Unsecured networks can make information accessible to others

Confidential information may be sent across an unsecured network in an encrypted format

Wireless networks may be visible or accessible to other users

There are security risks when using default passwords and settings on networks, computers and programs as they offer a low resistance to Hackers

Internet security settings should be adjusted to prevent the risk of access to your network by other users


Connectivity

Bluetooth is short range wireless protocol for exchanging data

Bluetooth settings should be adjusted to prevent the risk of unauthorised access to a Bluetooth device by others


Portable Devices Portable devices are vulnerable to loss or theft:

laptop, notebook, PDA, mobile phone, multimedia player

USB’s and other removable storage devices can contain valuable and confidential information that is vulnerable to loss or theft


Keeping Portable Devices Secure

Ensure all portable and removable devices are stored safely and securely by:storing small devices out of sight on your

person or in a locked drawerA laptop or other larger device, should be

secured to a desk with cable (if you have to leave it unattended for a short period of time)

1.5 Data Security

Module 1 Version 5

1.4 Guidelines and Procedures

Module 1 Version 5

1.4 Guidelines and Procedures 19

Guidelines and Procedures

Relevant guidelines and procedures for the secure use of IT within your organisation are usually held by the IT Department

Always follow the guidelines and procedures listed by your organisation, for the secure use of IT

If you are unsure of the procedure to follow you should contact the Systems Administrator


Guidelines and Procedures (2)

Understand the IT security checks you should carry out, which are listed in the organisation’s security policy

Report IT security threats or breaches using the channel identified in the organisation’s security policy


Privacy

Know the privacy policy within your organisation by reading the policy in the organisation’s policy manual

Ensure you follow the privacy policy within your organisation

1.5 Data Security 22

Security

Prevention of Data Theft involves: Preventing access to data by:

1. using usernames and passwords/PIN numbers2. Logging off the computer before leaving the room

Preventing theft of computers or storage devices by:

1. locking computers and hardware using a security cable

2. storing small devices out of sight on your person or in a locked drawer or filing cabinet


Backups

Backing up personal data and software is essential to prevent loss of data due to:

1. Accidental file deletion 2. Data corruption 3. Computer malfunction and subsequent file loss 4. Theft of your computer5. Natural disasters like fire, flood or earthquakes

Back up your personal data to appropriate media: like a labelled CD or USB or External Hard Drive

It is important to have a secure off-site backup copy of files


Storage

Store your personal data safely: Use a labelled storage device to

backup personal dataMake multiple copies of your dataStore back up copies of personal data

off-site Store software securely by making

backups and storing off-site

Documents

1.1 System Performance Security Module 1 Version 5