Wednesday, April 10, 2019
Everyone Has The Right to Privacy Essay Example for Free
Everyone Has The Right to loneliness EssayEveryone has the right to privacy. This is the right to non demand peaks about our lives to be held or circulated without our friendship/consent. data of force play nature ar collect every so often by organisations. For showcase* Employers detainment personnel records that include data on address, age, qualification, salary, sick leave and so on.* Stores hold detail on credit card payment, accounts history, items purchased* Banks hold details on salary, income and withdrawals, direct debits to various organisations* Insurance companies hold detail on property, cars, accidents, claims and health. This list is endless. Modern techno entery has made it possible to store vast quantities of data, so that it give the sack be viewed from all over the world and so that it batch be used to execute a profile of an individual.Threats to in beation SystemsOrganisations can protect the integrity of data (by preventing inaccurate data ent ry, cattish or accidental alteration), and simple measures can be taken to protect the security of data form theft or destruction.Data IntegrityThis refers to the correctness of data. The data held on a computer whitethorn become incorrect, corrupt or of poor quality. This could happen at different stages of data processing.1. Errors in the Input. Data may be keyed in wrongly.2. Errors in Operating Procedure. An update program may be ran twice in error, thus the master file would be updated twice.3. Program errors could lead to corruption of files. A new system may develop errors in it which may not surface for some time, only when they may be introduced during program maintenance.Standard Clerical proceduresTo protect a get tost input and operating, procedures can be enter and followed for both input and output.Input* Data entry moldiness be limited to authorized personnel only* In commodious volume data entry, data may be verified (keyed in twice), to guard against keying er rors* Data control totals moldiness be used wherever possible to verify the completeness and trueness of the data, and to guard any copying/duplication or illegal entry.Output* All output must be inspected for reasonableness and any inconsistencies investigated.* Printed output containing photosensitive information should be shredded after use.Write-protecting DisksWrite-protecting disks and tapes can be used to avoid accidental over save up on a disk or a tape. This can be effective against an operator error. Both disks and tapes have write-protecting mechanisms.User IDs and passwordsEach user in an organisation who is permitted to the access of the company database is issued with a user id and a password. In most cases there atomic number 18 certain levels of access at which employees can access data. Some of the most common password rules are* Passwords must be at least six characters* The password display must be mechanically suppressed on the screen or printed output* Files c ontaining passwords must be encrypted* All users must batten down that their password is kept confidential, not written down, not made up of easily guessed words and is changed at least every three months.Access rightsEven authorized users don not normally have the right to see all the data held on a computer.e.g. A hospital receptionist may have the right to view and change some patient details, such(prenominal) as the name, address, and appointments. But they may not have access to the patients medical file.Access rights to data could be set to read only, read/write or no access. This way a user in a company can gain access to data which they are permitted to see and can only change data if they are empower to do so.Likewise, the computer it self can be programmed to allow access to data from a crabbed terminal, and only at a certain time of day. The terminal in the administrators office may be the only terminal which has authorisation to change the structure of a database. An access directory can be made, which shows each(prenominal) users access rights.Securing against fraudulent use or malicious injuryOrganisations are often exposed imputable to* The possibility of fraud* The deliberate corruption of data by unhappy employees* Theft of software or data which may fall into the hands of their competitors.Measures to oppose these risks are as follows.* Careful selection of employees* quick removal of employees who have been sacked or who hand in their resignation, and the cancellation of their passwords and authorisation.* Separation of duties. This is to ensure the involvement of cardinal or more people to defraud the company.* Prevention of unauthorised access by employees and some others to secure areas such as computer operations rooms, by the use of machine readable cards/badges or other types of locks.* The use off passwords to gain access to databases.* Educate staff to be aware of security breaches, and to be alert in preventing them or repor ting them.* Appointing a security manager who can, with the use of special software, observe all computer screens. The special software can also be used to record all logins at each terminal, time of logins and the number of times particular software is used. It will even log the security managers activities.Protection against VirusesSteps can be taken to minimize the risk of suffering damage from viruses* Making sure that all software which is purchased is in sealed, tamper-proof packaging* Not permitting floppy disks carrying software of and sorting to be removed from or brought into the office* Using ant-virus software to check all applications brought into the office.Biometric security measuresBiometric methods of identifying an authorised user are fingerprint scanning, voice recognition and face recognition. One such system uses infra-red scanners to transport the unique pattern of blood vessels under the skin. This system can even differentiate between monovular twins by c omparing the scans.Communications SecurityTelecommunications systems are vulnerable to hackers who discover user ids and passwords and can gain access to a database from their own computer. One way to avoid this is to use call-back procedure. This is when a remote user logs on, the computer automatically calls that user back on a pre-arranged number to brook the log on.Data encryption can also be used to scramble highly sensitive or confidential data before transmitting it.Disaster PlanningNo matter what precautions are taken, the possibility of data being destroyed is always great. A simple disk head settle can destroy a disk packing a fraction of a second. System designers must provide a reasonable backup facility that does not degrade the performance of the system and is not very expensive.The cost of lack of planning for a computer failure can be ruinous.occasional BackupsThe most common way to ensure that data is not lost is to make regular copies of files into a safe place. This is called Periodic Backups.This scheme has several weaknesses* All updates to a file since the last backup may be lost* The systems may need to be shut down during backup operations* Backups of large files can be time consuming* When a failure occurs, recovery from the backup can be even more time consuming.A benefit is that files which may have been fragmented can be reorganised to occupy smaller amounts of same, resulting in faster access time.It is important to store copies of data in secure areas. One copy of data can be held in a fire-proof safe in a building and another off-site.Recovery proceduresA contingency plan needs to be develop to allow rapid recovery of major disruptions. It is necessary to do the following in backup procedures1. refer alternative compatible equipment and security facilities, or implement a service agreement which provides equipment when needed.2. Have supplying for alternative communication links.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment