Information and Communication Technology
Like any valuable resource, data needs to be protected. There is always the possibility of accidental damage or loss of the data, and of course there may be people who want to steal it or destroy it.
A large amount of data in ICT systems data is made of valuable personal or business information. Losing that data to thieves, vandals, or accidents can be both expensive and inconvenient.
This page looks at some data security methods, ways of reducing the risk of loss or damage to data, plus what can be done to recover the data if it is lost or damaged.
It is impossible to stop all accidental damage, but there are a number of data security precautions that can be taken to reduce it. Some examples are:
Of the two, making the back-
When in doubt, back it up.
As a web writer, I find it very annoying when there is a problem with my computer / the Internet / the mains power supply, and I lose all the work I did in the last 15 minutes. I don't lose more than 15 minutes because I've learnt the hard way about the importance of making copies of the work and keeping them safe. That is essentially what a back-
When making a back-
The commonest storage medium in PCs is still the hard disk. Hard disks are divided up into tracks, shown as concentric circles. Each track is divided into sectors, shown separated by the radial lines.
When a file is saved, it is given an address by the operating system. This address includes information about the track(s) and sector(s) being used to store it. The operating system keeps a list of each stored file, together with its address.
When a file is deleted, the file name and address is wiped from the operating system's list, but the actual file is left where it was on the hard disc. The track(s) and sector(s) that were used to store the file are marked as being available but the file will not be overwritten until the space is required to store something else.
Data recovery software is able to bypass the operating system's list of files and look directly at the hard disc contents. If a deleted file has not been overwritten it can be read, and if required, put back onto the file list.
Even partially overwritten files can be recovered in this way. Specialist software may then be needed to read the file contents, but in many cases the software that was used to create the file can still display the undamaged sections.
Actually, data recovery software can recover data from flash memory and other storage devices as well as from hard drives. The software just has to know about a variety of file systems and how the memory addresses are laid out for each type of device.
Malware is software designed to get itself onto a computer and run without authorisation. Malware includes viruses, spyware, and some adware.
Important. Examples of Anti-
Also important. If you already have malware on your computer, installing anti-
Viruses include trojans, rootkits, and worms. Viruses are able to reproduce and spread themselves. Some viruses restrict themselves to simply reproducing and spreading, others may have more dangerous functions such as damaging files or stealing passwords.
Spyware is software that is designed to secretly collect information when it is installed on a computer. Sometimes this will be sensitive information such as passwords, bank account numbers or credit card numbers. Sometimes it will be more general information such as Internet browsing habits.
If the spyware is collecting sensitive information, it will usually try to remain hidden and simply send the information to an Internet location.
If the spyware is collecting browsing information, it may become more visible as it alters the behaviour of the user's browser. e.g. changing the home page, altering search engine settings, or redirecting the browser to fake sites where further malware attacks can be attempted.
Most antispyware software will also remove adware. (see below)
Adware is software that displays, and sometimes downloads, advertisements. These may turn up as part of a game, in a pop-
Some adware however is malicious. Once installed, it will hide itself and then download and display advertisements when the original application is not running, or even after it has been removed. Malicious adware may also perform a browser hijack, deleting advertisements from sites that the user is visiting and substituting its own.
Most spyware may be stopped by having anti-
It is important te realise that some applications, particularly freeware, require advertisements to run as a condition of use. Removing the adware component will often stop the rest of the application from working.
Two important aspects of data security are:
1. Keeping people away from the data in the first place
2. Preventing people from being able to understand the data even if they do manage to get through your other defences.
A firewall may be either hardware based, software based, or a combination of the two.
Every electronic communication that enters or leaves the firewall-
Anything that does not conform is stopped. The rules are essentially the security settings for the firewall. Some of these will be the default settings, others may be set or adjusted by the user.
Most firewalls also serve to hide the external / public IP address of the system that they are protecting. This means that when a hacker tries to contact random IP addresses in the hope of finding a vulnerable system, the firewall makes it look as if there is nothing there.
Firewalls cannot stop invited communications, so the second step in keeping intruders out is to be cautious about what gets invited in. An e-
Even the most secure systems may still fall victim to malware, so preventing people from understanding what they have found is an important second line of defence. This means some form of encryption of the data.
There are numerous secure encryption systems available and it is a simple task to encrypt a file to a degree that there is no reasonable chance of decrypting it without a super computer and a large amount of time. A good, free one is TrueCrypt.
Unfortunately, the strength of an encryption is only as good as the strength of the key, PIN, or password that allows the decryption. Passwords should be strong, kept secure, and changed on a regular basis.