Data Security and Controls

The document outlines data security and privacy, defining key terms and discussing various security threats to information and communication technology (ICT) systems, including computer crimes and control measures. It emphasizes the importance of protecting data against unauthorized access, loss, and modification, while also detailing laws governing the protection of ICT systems. Additionally, it provides insights into types of computer viruses, their characteristics, symptoms of infection, and preventive measures against various security threats.

DATA SECURITY AND CONTROLS

Chapter Objectives
1. Define the terms data security and privacy
2. Identify security threats on ICT and possible control measures
3. Identify types of computer crimes
4. Discuss laws governing protection of ICT systems

Introduction
- Computers face threats to data security and to its control measures. These are called computer crimes.
It is possible to put in place measures that can detect and protect against possible computer crimes
against computer systems and associated data. Data and information must be protected against
unauthorized access, disclosure, modification or damage, because they are a scarce and
valuable resource for any business organization or government. Most countries have laws that
govern the protection of information and communication technology systems.

Definition of data security and privacy


- DATA - is raw facts and figures that are yet to be processed for use.

- DATA SECURITY - is protection of data or programs against loss of confidentiality, integrity and
availability.

- DATA CONTROL - Refers to all possible measures taken to ensure the security of data.

- DATA PRIVACY - Refers to the right of an individual to have information about them regarded as
confidential, e.g. health records, bank account details, online conversations, police investigations.

- CONFIDENTIALITY - Means data is private. It ensures that data is accessed only by authorized
individuals. Such data can never be published or used for monetary gain without the owner's
knowledge. Such individuals include lawyers, doctors and police.

- INTEGRITY – refers to the accuracy, completeness, and consistency of data (ensures that information is
reliable as well as accurate).

Main Elements of Data Security


1. Confidentiality ensures that data is accessed only by authorized individuals;
2. Integrity ensures that information is reliable as well as accurate; and
3. Availability ensures that data is accessible to satisfy business needs.

Security Threats and Control Measures
- Data loss/threats to data security can be due to:

1. computer viruses
2. unauthorized access
3. computer errors/accidental erasures
4. theft
5. crashing of HDD
6. Power failure

1. Computer Viruses
- A computer virus is a dreadful/malicious computer program that damages and interferes with
the normal running of the computer. Viruses attach themselves to legitimate programs with the
intention of infecting other programs and hijacking vital resources such as memory and
processors. Viruses can erase, modify or encrypt other files.

TYPES OF VIRUSES
a) Worms - viruses that attach themselves to computer memory. A worm propagates itself
across computers, usually by creating copies of itself in each computer's memory.

b) Hoax - Viruses sent as emails by unknown individuals with the intention of trickery or
deception.

c) Trojans (Trojan Horse) - A destructive program disguised as a game, utility, or application.
When run, a Trojan horse does something harmful to the computer system while appearing to
do something useful.

d) Boot sector virus - Viruses that affect the boot information.

e) Trapdoor - A virus that provides secret access to a program or system by bypassing its
security controls.

f) File Virus - Viruses that attach themselves to computer files.

Characteristics/Features of Computer Viruses


A) Are named fraudulently/deceptively - pleasant but deceiving names.

B) Perform unauthorized operations such as file modification.

C) Are self-replicating - they multiply themselves to occupy a large space in memory and/or
storage.

D) Some delete files or programs in a computer.

E) They install themselves without the user's permission.

Sources of Viruses
1. Contact with contaminated storage devices such as flash drives.

2. Software updates on a network

3. Pirated software, Music & videos

4. Attachments on emails, movies and music

5. The internet - a computer that is connected to the internet is more vulnerable to viruses
through:

1. Spyware - malicious programs that monitor the user's browsing activity.

2. Freeware - free programs available online

3. Shareware - programs available for free online for a limited amount of time.

Symptoms of a Virus Infected Computer


1. Displaying unfamiliar graphics/images.

2. Unusual error messages displayed on screen without any cause/reason.

3. Computer programs taking too long to load or running too slow.

4. Available RAM capacity becomes severely limited.

5. The computer restarts or shuts down without being commanded.

6. Programs running multiple instances without being commanded.

7. Making services on the computer unavailable to the user, e.g. printing, keyboard, network.

8. Denied access to programs.

Control against Virus


1. Install and regularly update an antivirus program.
2. Always scan any secondary storage before use.

3. Always maintain an up-to-date backup of your data and programs to prevent loss.

4. Avoid using pirated software.

5. Scan files and programs after downloading them from the internet.

6. Install a firewall on the network.

2. Unauthorized access
Unauthorized access refers to illegal access or alteration of data or programs.

Control measures against unauthorized access

1. Restricting access to computer room – only allow authorized personnel e.g. through:
locked doors, speech recognition access, badge readers, security guards.
2. Secure the computer room – e.g. by fitting a security alarm at the door, metallic doors,
metallic window grills.
3. Encryption of data transmitted through a network – encryption involves converting
data/information (plaintext) into a code (ciphertext) that hides the true meaning of the
original data. Hence only authorized people can decode that data to the original form.
4. Using passwords – a password is a phrase used to restrict access to a file or computer
system. A strong password should contain at least 8 characters with a combination of
upper and lower case letters, numbers, symbols and special characters.
5. Network security – involves restricting the sharing and access to information on a
network through levels of access (hierarchy).

3. Computer errors and accidents


These are caused by an authorized user who by mistake executes a command that causes the
computer to shut down, delete data or share data with unauthorized personnel.

Control measures

1. Use restore tools – a feature that allows the user to restore data that was unsaved.
2. Backups – store a copy of the data in case the original is lost.
3. Use data recovery tools – special programs that can restore deleted data from a
formatted storage device.
4. Using the recycle bin – a storage location where deleted files are stored in case one
wants to restore the data.

4. Theft
Involves stealing computer equipment, software or data. Stealing important components of a
computer system to cause damage is called vandalism.

Control measures

1. Keep regular backups to avoid losing data
2. Employ security guards to watch over the building
3. Fitting security alarms to detect illegal access
4. Building the computer room in a secure place to minimize illegal entry
5. Locking the doors when the room is not in use

5. Crashing of the hard drive


Refers to permanent damage to the hard disk, resulting in malfunction.

Control measures

1. Install and update your antivirus
2. Frequently blow away dust to avoid dust accumulation
3. Shut down the computer using the correct procedure
4. Connect the computer to a stable power supply e.g. UPS

6. Power Failure
Power failure results in loss of unsaved data and crashing of the hard disk.

Control measures

1. Use a UPS for power backup
2. Save your work frequently
3. Activate autosave on your application programs

Computer crimes/cyberterrorism
Computer crimes are illegal operations done with or on an information system.

1. Trespass – illegal access to the computer room or data sent over a network.
2. Hacking – gaining unauthorized access to a computer system by breaking codes or
passwords.
3. Tapping – involves intercepting information or data that is on its way from a source
computer to the destination computer.
4. Cracking – the process of trying all possible character combinations likely to be used to access
a system until a weak point is revealed. Then the cracker gains access.
5. Piracy – illegal distribution of copyrighted material such as music, software, movies and
books. It is also called theft of intellectual property.
6. Fraud – using a computer system to fake documents, hide information or cheat
unsuspecting people with the intention of gaining money, e.g. sending emails to people
congratulating them on winning a lottery but asking for a certain amount of money to receive
the prize.
7. Sabotage – deliberate destruction or obstruction of a computer system for a personal or
business advantage. Normally done by business competitors.
8. Alteration – illegal modification to data with the intention of gaining money or
misinforming users.
9. Eavesdropping – refers to listening to a communication secretly. Done by tapping the
communication channel.

Detection and protection


1. Audit trail – a detailed/thorough study done on an information system by experts to
identify any loophole that can be used to illegally access the system. It can also be done to
try and recover lost information and detect illegal alterations/modifications, hacking and
trespass.
2. Data encryption – is done to data/information to avoid being read during transmission
or to guard against unauthorized access. It does this by converting normal data
(plaintext) into a non-readable code (ciphertext). The ciphertext can be converted back to
plaintext but only by the person with a key in a process called decryption.
3. Log files – these are system files on a computer that record how the system is being
used. For example, they record the time one has logged on to a computer, the files accessed, the
programs opened, websites visited, etc. They monitor the activities of users or employees
in an organization.
4. Firewalls – these are hardware or software that filter information entering or leaving
through the internet. They control access to an information system through the network,
monitor traffic leaving the internal network and assess network functionality.
5. Patch – this is a piece of code that repairs a defect/vulnerability/weakness in a software
without interrupting its normal operation
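
As an added illustration of how log files help detect cracking (this code is not part of the original notes), the Python sketch below scans a constructed logon log for repeated failed logons on one account within a short time window. The log format, the threshold of 5 failures and the 1-minute window are assumptions chosen for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (assumed format): timestamp, user, source, result
SAMPLE_LOG = """\
2024-03-01T08:00:05 alice 10.0.0.5 SUCCESS
2024-03-01T08:10:00 bob 10.0.0.9 FAIL
2024-03-01T08:10:02 bob 10.0.0.9 FAIL
2024-03-01T08:10:04 bob 10.0.0.9 FAIL
2024-03-01T08:10:06 bob 10.0.0.9 FAIL
2024-03-01T08:10:08 bob 10.0.0.9 FAIL
2024-03-01T08:10:10 bob 10.0.0.9 SUCCESS
2024-03-01T09:00:00 carol 10.0.0.7 FAIL
2024-03-01T09:30:00 carol 10.0.0.7 SUCCESS
"""

def parse(line):
    """Split one log line into (time, user, source, result)."""
    stamp, user, source, result = line.split()
    return datetime.fromisoformat(stamp), user, source, result

def find_guessing(log_text, max_fails=5, window=timedelta(minutes=1)):
    """Return alerts for accounts with max_fails failed logons inside window.

    A success while the burst of failures is still inside the window is
    reported separately, since it may mean one of the guesses was correct.
    """
    recent = defaultdict(deque)   # user -> times of recent failures
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        when, user, source, result = parse(line)
        fails = recent[user]
        while fails and when - fails[0] > window:
            fails.popleft()       # forget failures older than the window
        if result == "FAIL":
            fails.append(when)
            if len(fails) == max_fails:
                alerts.append(("repeated-failures", user, source, when))
        elif result == "SUCCESS":
            if len(fails) >= max_fails:
                alerts.append(("success-after-failures", user, source, when))
            fails.clear()
    return alerts

if __name__ == "__main__":
    for alert in find_guessing(SAMPLE_LOG):
        print(*alert)
```

On the sample log only the account bob is flagged; carol's single mistyped password followed by a success half an hour later raises no alert.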

Laws governing protection of information systems/ICT


Data protection law may have the following provisions:
1. Data is not transferred to other countries without the owner's permission.

2. Data and information should be kept secure against loss or exposure.

3. Data and information should not be kept longer than necessary.

4. Data and information should be accurate and up to date.

5. Data and information should be collected, used and kept for specified lawful purposes.

6. The owner of the data has a right to know what data is held by the person or
organization having it.

7. Do not collect irrelevant or excessive information for a purpose.

Countries are encouraged to develop a data and information handling legal framework that will
protect people's data and information.

Review Questions

1. Differentiate between private and confidential data.
2. Why is information called a resource?
3. (a) Explain the term ‘Information security’.
(b) Recently, data and information security has become very important. Explain.
4. Differentiate between data security and data privacy
5. What is a computer virus?
6. Mention any 5 features of a computer virus
7. How can one avoid unauthorized access to data in a computer system?
8. Differentiate between data security and data integrity (2mks)
9. Define the term Computer crime (1mk)
10. Explain the meaning of each of the following with reference to computer crimes: Cracking, hacking,
tapping, piracy, data alteration, fraud, trespass (7mks)
11. Outline four ways of preventing piracy with regard to data and information (4mks)
12. What is a computer virus (2mks)
13. State 4 ways through which computer viruses may be controlled (4mks)
14. State 6 precautions that you would expect an organization to take to prevent illegal access to its
computer-based systems. (6mks)
15. Give four rules that must be observed in order to keep within the law when working with data and
information. (4mks)
16. An individual has a right to demand guarantee to privacy of personal information stored on a
computer. Give three such types of information. (4mks)
