COMPUTER SYSTEM SECURITY AND DATA PROTECTION

Computer security is concerned with taking care of the hardware, software and most
importantly, data. Loss of data can have various consequences such as failure to receive
payments, bad business decisions, late deliveries or even cash flow problems.

Why there is a need for data protection.

Data has a value to people who own it and use it on daily basis. If it is lost, damaged or stolen
it can be disastrous on the daily activities. It is very important that data is kept safe as
possible. Data can be damaged by accident or by carelessness; it can also be erased or
altered deliberately.

Ways on which data can be damaged, corrupted and lost

 Attack by viruses

 Hardware malfunctions

 Accidental or malicious deletion or changing of data

 Natural disasters such as fire and floods

Computer Viruses

A virus is a program that activates itself unknown to the user and destroys/alters/corrupts the
data. All viruses are man-made. Viruses are usually spread by;

 Downloading infected programs from the internet

 Opening infected files

 Using storage media’s that contain infected files

Types of computer viruses

A Worm virus - is a virus that simply reproduces itself rapidly, using up all the available
spaces leaving no space for your data. This can lead to system slow down or total system
failure.

A Logic Bomb – is a virus that is executed when specific conditions occur, sometimes at a
certain date or time. For example the Michelangelo will destroy hard disk data on March 6,
the artist Michelangelo’s birthday.

A Trojan horse virus – is a virus that pretends to be a useful program. For example, you
might download what you think is a new game; but when you run it, it deletes files on your
hard disk.

Signs/Symptoms of an infected computer

1
  Programs take longer to time to load

 Programs just crash without any reason.

 The hard disk is being accessed more often.

 Files disappear without any reason.

 Files turns into shortcuts.

 Devices that were working well and now they cannot work.

Ways of Infection

The computer gets infected when the user:

a) Opens an infected file.

b) Runs an infected program.
c) Boots the computer with an infected removable media inserted in a drive or plugged in a
port.
d) Connects an unprotected computer to a network.
e) Opens infected email attachment.

Method of protection against viruses

Prevention is better than cure; thus it is wise to safe guard computers from infection in the
first place. Here are some guidelines

 Use an antidote (anti-virus) software or program in the computer system to identify

known viruses and remove them

 Avoid inserting removal storage media from one computer to another.

 Do not allow unauthorised people to access your computer.

 Do not boot the system with a floppy disk if your computer has a hard disk.

 Do not share software with other.

 Download software from only authorised and recognised sources.

 Do not open email attachments if you are not sure of the identity of the sender.

 Keep the write-protection tab on the floppy disk while reading data or programs.

 Back up your system when you think your system is free from viruses.

Methods of virus Eradication

2
a) Start a computer with a clean recovery disk, then scan and remove virus from a computer
with an up to date antivirus program.
b) Reformat the hard disk. (If the above has failed).
c) Delete the virus form the register

Methods of eradication of viruses; viruses can be entirely be eradicated by formatting the

computer system, this is completely erasing the computer contents in the hard disks. And the
other method is through the use of anti viruses.

Examples of Anti Virus software

Norton anti virus

McAfee virus scan

Kaspersky anti virus

Smadav anti virus

Computer Crimes

Computer crimes refer to dishonest practices involving computers.

Hacking

Hacking is the unauthorised accessing of information in a computer system. The person who
does this is referred to as a hacker. Some hackers do crack the computer just for a challenge
or as a prank. Although this might seem harmless it can cause a considerable damage and it
is also illegal.

 To steal important and highly confidential data

 To copy computer programs illegally

 To alter data

 To destroy data either by deleting it or installing a virus to destroy or corrupt it.

 To transfer money from one account to another using electronic funds transfer.

Software piracy; every software must be legally acquired by the users. There is a licence fee
for each package which users must pay. Any original software package bought legally comes
with a license. If it does not, it is pirated software. Illegal use or copying of software is
software piracy or simply piracy.

Internet fraud; it occurs mainly in the bogus selling of products over the internet. Many
legitimate companies set up virtual shops/malls on the web sides allowing views to and

3
purchase for sale. When customers have purchased goods on this website, these bogus
companies collect money and do not deliver the goods.

Computer security

All computers should have good security. Computer security involves safeguarding
computer resources against abuse, accidental loss of data and unauthorised use. Computer
systems are usually kept safe by;

1. Physical safeguard

This deals with protection of software and hardware from accidental and malicious damage
or destruction for instance:

 Only allowing personnel access to computer facilities, this can be enforced by the use of
monitoring system using video camera, security alarms and security guards.

 Storing data in a fireproof safe

 Storing data in another building or another location

 Distributing sensitive work to a number of employees rather than just one.

 Use of biometrics system

 Use of access cards

 Use of firewalls(hardware)

2. Software safeguards

Use of passwords and usernames to access the system – a user has to enter the password or
PIN (personal Identity Number) to gain access to the system

Data Encryption – encoding (scrambling) data during storage or transmission so that it

cannot be understood by someone who does not have the encryption key or software to
convert it back to the original form.

Installing firewalls – this is a program, hardware device or a combination of both, that filters
the information coming in through the internet. It prevents unauthorised users to gain access.
Some firewalls protect systems from viruses, spam (electronic junk mail). Two popular
software packages are Black Ice Defender and Zone Alarm.

4
3. Computer backup

Backing up data means taking a copy of the data from the computer (source) and keeping it
away in a secure place. It involves copying data from a hard disk into a magnetic tape or
other storage media. Backup file can be used in case of computer failure or loss of data on
the computer. The following are methods of backup that can be used;

i. Full backup

A full backup is a backup of every file on a file system, whether that file has changed or not.

The alternatives to a full backup are incremental backup and differential backup.

A full backup takes longer to accomplish and requires the most storage space on the backup
media, but it also provides the quickest restore times.

A full backup should be performed weekly or monthly on production systems, along with
daily differential backups. It would be best to build full backups at all time, since they are the
most complete and are self-reliant. On the other hand, the total time it takes to execute full
backups often stops us from using this backup mechanism. Full backups are normally limited
to a weekly or monthly timetable, even though the escalating pace and storage capacity of
backup media is making quick full backups a more practical proposal.

A full backup should also be performed before any major planned changes to a system.
However, full backups have a noteworthy security concern. Every full backup encloses a
complete replica of the data. If the backup media were to be illegitimately accessed or stolen,
the unauthorized person would then have admittance to your complete data.

The only advantage with full backup mechanism is that the restoration process takes
minimum time. The disadvantages are that the backup process is very time consuming and
the storage space requirements are quite high.

ii. Differential backup

A differential backup is a backup of every file on a file system which has changed since the
last full backup.

The alternatives to a differential backup are incremental backup and full backup.

A differential backup can be an optimal middle-ground between a full backup and an

incremental backup.

A differential backup is not as fast as an incremental backup, but it is faster than a full
backup. A differential backup requires more storage space than an incremental backup, but
less than a full backup.

5
A differential backup requires more time to restore than a full backup, but not as much time
to restore as an incremental backup.

If you perform a full backup on Sunday and a differential every night, and the system crashes
on Thursday, you will only need to restore the full backup from Sunday and the differential
backup from Wednesday.

In contrast, if you perform a full backup on Sunday and incremental backups every night,
when the system crashes on Thursday, you will need to restore the full backup from Sunday
along with the incremental backups from Monday, Tuesday, and Wednesday.

A differential backup should be performed daily on production systems.

iii. Incremental backup

An incremental backup is a backup of every file on a file system which has changed since the
last backup. The alternatives to an incremental backup are differential backup and full
backup. An incremental backup is the fastest backup and requires the least storage space on
the backup media. However, incremental backups also require the longest time and many
tapes to restore. Incremental backups should be used only in environments where backup
time or backup storage media are extremely constrained. For most environments, a weekly
full backup and a daily differential backup represent a better plan

SUMMARY OF BACKUP

*Incremental backup is the most recommended backup type.