
Chapter 9 - Notes

Chapter 9 discusses the importance of data integrity, privacy, and security in ensuring that data is accurate, confidential, and protected from unauthorized access. It outlines various threats to data integrity and security, such as human error, malware, and cyber attacks, and emphasizes the need for measures like user authentication, encryption, and data backups. Additionally, it covers validation and verification processes to maintain data accuracy and reliability.

Uploaded by

garv222008

CHAPTER – 9 SECURITY, PRIVACY AND DATA INTEGRITY

DATA INTEGRITY
Data integrity means that stored data should be up-to-date, accurate and consistent.
The overall intent of data integrity is to ensure that data is recorded exactly as
intended and, upon later retrieval, that the data is the same as it was when it was
originally recorded. Data integrity aims to prevent intentional or unintentional
changes to information.
A few examples:
1. Integrity is violated when an employee accidentally or with malicious intent
deletes/changes important data files.
2. Power outages that affect servers that host critical applications.
3. Human errors while entering information in the system (e.g. mistyping the
address, age, etc.).
4. In healthcare, keeping data integrity for patient records is vital for proper
diagnosis and treatment. For example, medical professionals rely on accurate
electronic health records to access patients’ medical history or allergies.
Discrepancies or errors can lead to incorrect treatments or prescriptions with
potentially life-threatening consequences.
5. Educational institutions require accurate student records for various purposes
such as enrolment management and academic progress tracking.
In all the above cases, the integrity of the data is compromised.
DATA PRIVACY
Data privacy is about keeping data private rather than allowing it to be accessed
by the public without consent. It is used to prevent the disclosure of information to
unauthorized individuals or systems.
A few examples:
1. A credit card transaction on any online shopping app requires the credit card
number to be transmitted from the buyer to the merchant and from the
merchant to a transaction processing network. The system attempts to enforce
confidentiality by encrypting the card number during transmission, by limiting
the places where it might appear (in databases, log files, backups, printed
receipts, and so on), and by restricting access to the places where it is stored. If an
unauthorized party obtains the card number in any way, a breach of confidentiality has
occurred.
2. If a laptop/computer contains sensitive information about a company and
the information is stolen, it could result in a breach of confidentiality.
The following should be ensured to achieve data privacy:
1. Organizations should collect and use only the personal data that is necessary to
accomplish a task.
2. Organizations should get explicit consent before sharing customer data with their
partners.
3. Only authorized personnel should be allowed to access sensitive data.
4. Organizations should be honest about their information, policies and practices.
Data protection laws can:
• Ensure that data is collected and processed ethically and fairly.
• Give individuals the right to know about their data, and how it is collected,
stored, and transferred.
• Provide a mechanism for individuals to redress grievances if their data is
violated.
• Address concerns about the privacy of data raised by new technologies like
facial recognition and surveillance.
DATA SECURITY
The objective of computer security includes the protection of information and property
from theft, corruption, or natural disaster, while allowing the information and property
to remain accessible and productive to its intended users.
Threats to computer and data security posed by networks and the internet:
1. Malware (malicious software) – It is a program that is introduced into a
computer (system) for a harmful purpose. The various types of malware
include viruses, worms, trojan horses, spyware, etc. Malware can
gather information from a compromised device, such as passwords, email
addresses, and bank account details.
2. Cyber attacks - The increasing sophistication of attackers and their ability to
exploit software and firmware vulnerabilities pose a significant danger to
network security.

Threats to data security - System vulnerability arising from user activity:
1. Usage of weak passwords which can be easily hacked.
2. A legitimate user not recognizing a phishing attack and thus giving away
sensitive information like credit card number, OTP, bank details, etc.
3. Malware might be introduced deliberately or accidentally by attaching a
portable storage device (pen drive), opening an email attachment, or downloading a
file from the internet.
4. When someone with legitimate access to a network misuses their privileges,
which can have detrimental consequences for the organization's systems and
data.
Threats to data security – Vulnerability arising from within the system itself:
1. Outdated software/systems - Older systems often lack the latest security
updates and protection.
2. Operating systems often lack good security. Regular updates are required to fix
newly discovered vulnerabilities.
Security Measures for protecting Computer Systems
1. User Authentication
• Even if a PC is used by only one person, a user account should be set up.
• Different user accounts are a must for multi-user systems.
• Administrator and user accounts should be separated with required permissions
for each type of account.
• A maximum rate for unsuccessful login attempts must be enforced. Account
lockout is not required, but the rate of unsuccessful logins must be limited.
• Sessions must be locked or closed after some reasonable period.
• Biometric methods can be used for authentication (fingerprint or face
recognition).
• A security token can be a small item of hardware or software provided for each
individual user that confirms their identity.
2. Use a firewall - A firewall acts as a barrier between your computer and the
internet, monitoring and controlling incoming and outgoing network
traffic. Firewalls can be hardware devices or software programs.
3. Use strong passwords - Use a combination of letters, numbers, and symbols
that is at least eight to 12 characters long. Avoid using common slang words or
easy-to-guess passwords. Change your password regularly. All accounts and
sensitive resources must be protected by a password.

4. Good Practices – Good practices include not leaving the computer switched on when
unattended, not allowing someone else to observe you accessing the computer,
and not writing your login details (username and password) on paper.

5. Digital signature
Digital signatures can be used to secure data by verifying the authenticity and integrity
of digital documents, messages, and software. They are a digital equivalent of a
handwritten signature and are considered legally binding in many countries. It is
basically a way to ensure that an electronic document (e-mail, spreadsheet, text file,
etc.) is authentic. Authentic means that you know who created the document and you
know that it has not been altered in any way since that person created it.
Digital signatures rely on certain types of encryption to ensure authentication.
Encryption is the process of encoding all the data that one computer is sending to
another computer into a form that only the other computer will be able to decode.
Authentication is the process of verifying that information is coming from a trusted
source. These two processes work hand in hand for digital signatures.
6. Antivirus software and Intrusion Detection System
Antivirus and intrusion detection systems (IDS) are both important tools for protecting
your network and devices from threats:
Antivirus - Prevents, scans, detects, and removes viruses from your computer. Most
antivirus software runs automatically in the background to provide real-time
protection.
Intrusion Detection System - Monitors network traffic and devices for suspicious
activity, security policy violations, or known malicious activity. IDSs can help detect
threats like malware, unauthorized access attempts, and unusual traffic patterns.
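The User Authentication rule above (limit the rate of unsuccessful logins without locking the account) can be implemented with a sliding time window per account. The following is an added example, not part of the original notes; the class and function names, the limit of 3 failures per 60 seconds and the explicit `now` timestamps are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

class FailedLoginLimiter:
    """Sliding-window limit on unsuccessful logins, kept per account."""

    def __init__(self, max_failures=3, window_seconds=60):
        self.max_failures = max_failures
        self.window = window_seconds
        self._failures = defaultdict(deque)  # account -> failure timestamps

    def _recent(self, account, now):
        # Forget failures that are older than the window.
        q = self._failures[account]
        while q and now - q[0] >= self.window:
            q.popleft()
        return q

    def allowed(self, account, now):
        """True if another login attempt may be checked at time `now`."""
        return len(self._recent(account, now)) < self.max_failures

    def record_failure(self, account, now):
        self._recent(account, now).append(now)

    def retry_after(self, account, now):
        """Seconds until the next attempt is accepted (0 if allowed now)."""
        q = self._recent(account, now)
        if len(q) < self.max_failures:
            return 0
        return q[0] + self.window - now

def attempt_login(limiter, check_password, account, password, now):
    """Return 'throttled', 'ok' or 'denied' for one login attempt."""
    if not limiter.allowed(account, now):
        return "throttled"  # refused before the password is even checked
    if check_password(account, password):
        return "ok"
    limiter.record_failure(account, now)
    return "denied"

def simulate(times, max_failures=3, window_seconds=60):
    """Constructed scenario: a wrong password is tried at each time given."""
    limiter = FailedLoginLimiter(max_failures, window_seconds)
    always_wrong = lambda account, password: False
    return [attempt_login(limiter, always_wrong, "alice", "guess", t)
            for t in times]

if __name__ == "__main__":
    print(simulate([0, 1, 2, 3, 30, 61, 62]))
```

The account is never locked: once old failures fall outside the window, attempts are accepted again. A real system would pass a monotonic clock reading as `now`.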
Security measures designed to protect the security of data
Data Backup: Data protection is crucial for protecting your business's continuity. If
your only data backup is on a computer and the hard disk crashes or is damaged by a
power surge, your business’s data is gone. The data can be lost due to corruption of
the disk or even accidental erasure/overwriting of a file.
For adequate data protection, you need to establish a data backup system:
1) A full backup is made at regular intervals (weekly backup) on reliable media.
2) At least two generations of full backup are kept.
3) Incremental backups are made on a daily basis.
4) Keep updated data backups in a secure, off-site location.
Disk mirroring is a real-time strategy that writes data to two or more disks at the
same time. If one disk fails, the other continues to operate and provide access for users.
Use unique passwords for administrator accounts: Privileged accounts must use
unique passwords that are not shared among multiple systems. Credentials which are
managed
Encryption:
The translation of data into a secret code. Encryption is the most effective way to
achieve data security. To read an encrypted file, you must have access to a secret key
or password that enables you to decrypt it. Unencrypted data is called plain text;
encrypted data is referred to as cipher text.
There are two main types of encryption: asymmetric encryption (also called public-key
encryption) and symmetric encryption.
Access Control
Access Control is any mechanism by which a system grants or revokes the right to
access some data or perform some action. Normally, a user must first log in to a
system, using some authentication system.
Next, the Access Control mechanism will control the operations the user may or may
not perform by comparing the User ID to an Access Control database.
Access Control systems include:
• File permissions, such as create, read, edit or delete on a file server.
• Program permissions, such as the right to execute a program on an application server.
• Data rights, such as the right to retrieve or update information in a database.
Data Integrity vs. Data Security
Data is the most important asset to any organization. Therefore, it must be made sure
that data is valid and secure at all times. Data integrity and Data security are two
important aspects of making sure that data is useable by its intended users. Data
integrity makes sure that the data is valid. Data security makes sure that data is
protected against loss and unauthorized access.
Let's talk more about Data Integrity.
Data integrity should be maintained during transfer, storage and retrieval.
Data Integrity can never be guaranteed, but appropriate measures can be taken to
ensure correct entry and transmission of data.

VALIDATION AND VERIFICATION
When data is entered in a computer system, it is valuable only if it is correct. If the
data has errors in any way, then the data is not of any use and is unreliable. The
following types of error can occur with the data on entry:
• Incorrect digits entered – 1204 entered instead of 1214
• Transposition errors – 1204 entered instead of 1024
• Phonetic errors – 30 entered instead of 13
• Omitted or extra digits – 102 entered instead of 1024
VALIDATION
Validation test | Description | Example
----------------|-------------|--------
Type Check | Checks that the data entered is of a specified type. | A field containing ages of people can contain only integers and not alphabets.
Range Check | Checks that the data entered is between the upper and lower limit. | The age of an infant can be between 1 and 5. So, the data should not be below 1 or above 5.
Format Check | Checks whether the data entered is in the correct format. | The data is in the format DD/MM/YYYY. MM/YYYY/DD would be wrong.
Length Check | Checks whether the data entered is of a certain length. | An 8-digit password can only be of 8 digits. Any other number of digits would give an error.
Presence Check | Checks to ensure that the field has not been left empty. | In online shopping, it is made sure that the user enters their name and doesn’t leave the name field empty.
Existence Check | Checks whether data in a file exists or not. | If the ID of a table is entered, the table should show up. It ensures that the details of the tables are present.
Limit Check | Checks either the upper or lower limit of the data entered. | Passwords
Consistency Check | Checks whether data in 2 or more fields matches up correctly. | Typing in the title as Mr. and choosing the sex as Female.
Uniqueness Check | Checks that each entered value is unique. | The product codes in a supermarket are all unique and it ensures they don’t overlap.
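Seven of the checks in the table, applied to one form record, as an added example that is not part of the original notes. The field names, the sample records and the set of existing product codes are constructed for illustration; form input is assumed to arrive as text.

```python
import re
from datetime import datetime

def validate(record, existing_codes):
    """Return the names of the validation checks that this record fails."""
    failed = []
    # Presence check: the name field must not be empty or only spaces.
    if not record.get("name", "").strip():
        failed.append("presence")
    # Type check first, then range check: age is an integer from 1 to 5.
    age = record.get("age", "")
    if not re.fullmatch(r"[0-9]+", age):
        failed.append("type")
    elif not 1 <= int(age) <= 5:
        failed.append("range")
    # Format check: DD/MM/YYYY layout that is also a real calendar date.
    dob = record.get("dob", "")
    try:
        if not re.fullmatch(r"[0-9]{2}/[0-9]{2}/[0-9]{4}", dob):
            raise ValueError("wrong layout")
        datetime.strptime(dob, "%d/%m/%Y")
    except ValueError:
        failed.append("format")
    # Length check: the password must be exactly 8 characters long.
    if len(record.get("password", "")) != 8:
        failed.append("length")
    # Consistency check: title and sex must agree with each other.
    if record.get("title") == "Mr." and record.get("sex") == "Female":
        failed.append("consistency")
    # Uniqueness check: the product code must not already be in use.
    if record.get("code") in existing_codes:
        failed.append("uniqueness")
    return failed

# Constructed sample data (not from the original notes).
EXISTING_CODES = {"P1001", "P1002"}
GOOD = {"name": "Asha", "age": "3", "dob": "15/02/2021", "password": "48213907",
        "title": "Ms.", "sex": "Female", "code": "P1003"}
BAD = {"name": "  ", "age": "12", "dob": "02/2021/15", "password": "1234",
       "title": "Mr.", "sex": "Female", "code": "P1001"}

if __name__ == "__main__":
    print(validate(GOOD, EXISTING_CODES))
    print(validate(BAD, EXISTING_CODES))
```

The type check runs before the range check because a range comparison is only meaningful once the value is known to be a number.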

VERIFICATION
Verification is used to check whether the data entered is accurate and meets predefined
criteria. It checks that the data has been copied correctly from the source,
which might be a hard copy document or another computer.
Methods of Data Verification:
1. Double Entry
• The data is entered 2 times and then compared to see if any error is made.
2. Visual Check
• The data entered is compared to the hard copy.
3. Check Digit
• It is an additional digit added to the right of a barcode or ISBN number.
• It is used to check whether, for example, the barcode has been input correctly.
• It can catch incorrect digits being entered, missing digits, phonetic errors
(typing 12 instead of 20), and swapping of 2 numbers with each other.
4. Checksum
• It is used to check if data has been changed or corrupted during data
transmission.
• Data is sent in blocks and an additional value is sent at the end of the block
of data.
5. Parity Check
• It is used to check if data has been changed or corrupted during data
transmission.
• There are 2 types: odd parity (contains an odd number of 1s) and even parity
(contains an even number of 1s).
6. Automatic Repeat Request (ARQ)
• It is used to check data following its transmission.
• It consists of an acknowledgement and a timeout.
• If an error is detected or a timeout occurs, a package of data is re-requested.
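The check digit, parity check and checksum methods above, run against constructed errors to show what each one detects and what it misses. This is an added example, not part of the original notes; it assumes the ISBN-13 weighting (1, 3, 1, 3, ...) for the check digit and a sum-of-bytes-modulo-256 checksum, and the function names are illustrative.

```python
def isbn13_valid(code):
    """Check digit test: the weighted sum (1,3,1,3,...) must be 0 mod 10."""
    if len(code) != 13 or not (code.isascii() and code.isdigit()):
        return False  # catches missing or extra digits
    total = sum(int(d) * (3 if i % 2 else 1) for i, d in enumerate(code))
    return total % 10 == 0

def add_even_parity(bits7):
    """Append a parity bit so the 8-bit word holds an even number of 1s."""
    return bits7 + str(bits7.count("1") % 2)

def even_parity_ok(word):
    """True if the received word still has an even number of 1s."""
    return word.count("1") % 2 == 0

def checksum(block):
    """Simple checksum: sum of all bytes modulo 256, sent after the block."""
    return sum(block) % 256

def flip(word, *positions):
    """Simulate transmission errors by inverting the bits at `positions`."""
    bits = list(word)
    for p in positions:
        bits[p] = "1" if bits[p] == "0" else "0"
    return "".join(bits)

def demo():
    """Map each constructed error to True if the method detects it."""
    word = add_even_parity("1011001")   # constructed 7-bit data
    block = b"PAY 1204"                 # constructed data block
    # 9780306406157 is a sample ISBN-13 whose check digit is valid.
    return {
        "isbn wrong digit": not isbn13_valid("9780306406167"),
        "isbn missing digit": not isbn13_valid("978030640615"),
        "isbn swap 0 and 3": not isbn13_valid("9783006406157"),
        # Adjacent digits that differ by 5 can be swapped unnoticed.
        "isbn swap 6 and 1": not isbn13_valid("9780306401657"),
        "parity one bit flipped": not even_parity_ok(flip(word, 2)),
        "parity two bits flipped": not even_parity_ok(flip(word, 2, 5)),
        "checksum changed byte": checksum(b"PAY 1214") != checksum(block),
        "checksum swapped bytes": checksum(b"PAY 1024") != checksum(block),
    }

if __name__ == "__main__":
    for name, detected in demo().items():
        print(f"{name}: {'detected' if detected else 'MISSED'}")
```

The three misses (a swap of adjacent digits differing by 5, an even number of flipped bits, reordered bytes) are the reason these methods detect accidental errors only and are not protection against deliberate tampering.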
****************

MAYURI’S COMPUTER ACADEMY
