Information and Communication Technology

Risks to data and personal information

Understanding risks that can cause the loss of data

The widespread use of ICT has involved the collection, storage and use of vast amounts of data.

Much of that data is made of valuable personal or business information.

Like any valuable resource, it needs to be protected. There is always the possibility of accidental damage or loss of data, and of course there may be people who want to steal it or destroy it.

This page looks at some of the factors involved in data damage or loss of data and and the ways in which the damage or loss can occur.

Accidental damage to and loss of data

The commonest cause of loss of data is user error. (Problem Exists Between Chair And Keyboard)

Although modern operating systems and application software have safeguards to help to prevent accidental damage to and loss of data, it is still a common occurrence. Accidental damage may happen because of. e.g. accidental deletion, hardware or software malfunction, or user misunderstanding of how a process or application works.

Accidental deletion. Otherwise known as Oops, I didn't mean to do that!.

This is probably the common way of all to cause a loss of data.

Modern PC operating systems usually have the equivalent of a Windows Recycling Bin. This allows deleted files to be recovered in a fairly simple manner. Unfortunately, many users fail to appreciate that network operating systems do not all have this facility and that a file deleted over a network link will be deleted permanently. Files deleted through an application may also bypass the Recycling Bin.

In addition, data being deleted inside an application such as a spreadsheet or database can usually only be recovered if the application has some sort of Undo feature and even if there is an Undo, it may only allow a few steps to be retraced.

Hardware or software malfunction. Probably the second most common accidental cause.

Most users have experienced a computer crash, probably many times. In most cases, the application, or the computer, can be restarted without any problems and all that will be missing are the changes made since the last save / autosave / back-up. In some cases though, especially where a data file was being written to when the crash happened, the file may be corrupted and become unreadable.

User misunderstanding. This covers a wide range of possibilities, but most users will have experienced a situation where they have clicked on a control thinking that it would do one thing, only to find that it does something else, or it was the wrong control, or that it should have been clicked with the other mouse button, or the Control key should have been held down at the same time, etc. As software becomes more powerful, it usually becomes more complex as well and even the most experienced of users can make mistakes.

The page dealing with prevention of and recovery from damage, is here.

Deliberate damage

Malware is probably the second most common reason for loss of data

Deliberate damage to data and personal information is less common than accidental damage.

There are two good reasons for this.

1. Normal users have much greater access to their machines than malicious intruders and therefore have many more opportunities to mess things up.

2. Malicious intruders are more likely to want to steal data or personal information without anyone knowing they have done it.

It could even be argued that many cases of deliberate damage are just attempts at data theft that have gone wrong.

Deliberate damage does happen though.

It may be caused by insiders, such as a disgruntled employee, or by network intruders.

Often the external intruder will use a piece of software such as a virus to get through the network defences from the inside, although there have also been many cases of hackers exploiting security weaknesses to get into a system from outside.

The page dealing with prevention of and recovery from damage, is here.

Contact Privacy Forum ICT index Learning Objectives Home
Home Learning Objectives ICT index Forum Privacy Contact