Securing data and personal information - Shawon Notes



Securing Data and Personal Information

Physical safeguards

Physical safeguards deal with the protection of hardware and software from accidental or malicious damage or destruction. For example:

  • Access control to ICT rooms using locks that are opened using entry codes, swipe cards or biometrics such as fingerprints and retinal scans. Security guards can ensure that those entering using entry codes and swipe cards are actually those who are allowed entry.
  • Access monitoring using CCTV cameras so that those entering and leaving ICT rooms can be recorded.
  • Data security can be ensured by taking regular backups and storing these in a fireproof safe in another location.
  • Protect hardware from fire, floods, theft and malicious damage by locating it in buildings and areas where such problems can be reduced, for example, in a concrete underground bunker on top of a hill that is accessible only through a well-guarded and narrow passage. More usually, this means not placing hardware on the ground floor of a building, where it is accessible to thieves.
  • Further precautions to protect hardware from theft involve clamping individual computers to desks or securing them to a wall; installing burglar alarms attached to individual computers in addition to those already used for the building; and using CCTV cameras in ICT rooms to discourage inappropriate use of computer equipment and to allow any such use to be traced and the culprits identified.
  • Make detailed contingency plans and disaster recovery arrangements so that ICT systems continue operating with a minimum of disruption and recovery is swift. For example, make arrangements with an organization with similar ICT facilities that is located at a distance so that their ICT facilities can be used should your own be destroyed.

Software safeguards

Software safeguards can protect data from theft or damage by hackers and other unauthorized persons accessing the software to steal or damage it. For example:

  • Use of ICT systems and networks is restricted to those who have valid usernames and passwords.
  • Access permissions that limit access to the data to the minimum number of people who need it. Others are blocked from accessing the data.
  • File-level passwords that restrict access to individual files to those who have appropriate access permissions and passwords.
  • Use a virus scanner to prevent viruses entering your system. The intention of some viruses is to damage software recorded on the ICT system or steal it by copying it and emailing it to unauthorized persons.
  • Use a firewall. This is a program or hardware device or combination of both that filters the information coming through the Internet connection into a computer or network, to prevent unauthorized users from gaining access. Some firewalls also block cookies, pop-up adverts and spam. Popular firewall software packages are BlackICE Defender, ZoneAlarm, and Freedom.
  • Data encryption is used so that if data is accessed by unauthorized persons it cannot be understood. Encrypted data is scrambled during storage and transmission so that it cannot be understood by someone without the encryption key to unscramble it. Wireless networks can be encrypted using WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access).
  • Establish transaction logs to automatically track alterations to ICT systems, including the identity of those who access data and all the changes made.
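
The access-permission and transaction-log safeguards above can be seen working together in the following added example, which is not part of the original notes. The class name, user names and record key are hypothetical, and the sample data is constructed.

```python
from contextlib import suppress
from datetime import datetime, timezone

class AuditedStore:
    """Data store with per-user permissions and a transaction log (hypothetical names)."""
    def __init__(self, permissions):
        self._permissions = permissions   # {username: set of allowed actions}
        self._data = {}
        self.log = []                     # entries are only ever appended

    def _record(self, user, action, key, allowed, old=None, new=None):
        self.log.append({"time": datetime.now(timezone.utc).isoformat(),
                         "user": user, "action": action, "key": key,
                         "allowed": allowed, "old": old, "new": new})

    def _check(self, user, action, key):
        # Default deny: unknown users and missing permissions are blocked and logged.
        if action not in self._permissions.get(user, set()):
            self._record(user, action, key, allowed=False)
            raise PermissionError(f"{user} may not {action} {key}")

    def read(self, user, key):
        self._check(user, "read", key)
        self._record(user, "read", key, allowed=True)
        return self._data.get(key)

    def write(self, user, key, value):
        self._check(user, "write", key)
        old = self._data.get(key)
        self._data[key] = value
        self._record(user, "write", key, allowed=True, old=old, new=value)

    def changes_to(self, key):  # (user, old, new) per successful alteration, in order
        return [(e["user"], e["old"], e["new"]) for e in self.log
                if e["key"] == key and e["action"] == "write" and e["allowed"]]

    def denied_attempts(self):  # (user, action, key) for every blocked access
        return [(e["user"], e["action"], e["key"]) for e in self.log if not e["allowed"]]

def demo():
    # Constructed sample users: alice may read and alter data, bob may only read.
    store = AuditedStore({"alice": {"read", "write"}, "bob": {"read"}})
    store.write("alice", "salary:1001", 30000)
    store.write("alice", "salary:1001", 32000)
    with suppress(PermissionError):
        store.write("bob", "salary:1001", 99999)   # bob lacks write permission
    with suppress(PermissionError):
        store.read("mallory", "salary:1001")       # mallory is not a known user
    return store
```

The log answers both questions the safeguard is meant to answer: who altered a record and how, and who tried to access data they were not permitted to.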