There are many threats regarding ICT security. Firstly employees cause a huge threat as the majority of people think that it would be hackers and crackers that they need to be wary of however when surveys were conducted it was estimated that over 50% of threats to ICT systems are caused by the organizations own employees. The way they do this is by the employee selling confidential data for personal gain. Also carelessness is a big problem for example if an employee leaves a laptop prone to theft in an unlocked car. Another point is that employees with sufficient security rights on a network could quite easily make copies of sensitive data and pass it on using e-mail attachments or removable media. Also an employee who is unhappy with the organization and might want to cause havoc for them by committing sabotage on data, such as deleting or corrupting important files.
The main and probably most common 'threat' to an ICT system is Viruses - which is illegal. Virus effects can vary from the simple act of deleting data to transferring data or even disabling system functions.
The biggest problem with Viruses is that they can enter ICT systems in many ways. Such as memory sticks, electronic mail and the internet.
The second factor to consider here is that even though there are measures in place to deal with the threat of Viruses, the threat is constantly changing as new Viruses are written everyday.
Spyware-- installed on the user's computer and not easy to detect. - data that is stored on internal computer systems is sent to an external sourse withoutthe permission or knowledge of the user. - passwords for internet banking might be stolen, perhaps by the monitoring of keystrokes make by the users when logging on to the bank's website - networks of infected computers could be used to commit further crimes over netwroks. This would allow hackers to control access to an organistaion's computer system and give them access to all of the business transactions that are taking place.
• Failure to follow standard clerical procedures can put data at risk • Organizations users are encouraged to change their passwords regularly and that they use characters and numbers as this increases security • Users shouldn’t make the passwords too long and complicated that they don’t remember them • Printed copies of information need to be stored securely and shredded when they are no longer needed • Backup media needs to be protected very well as this have the potential to be stolen and copied, and will contain HUGE amounts of data. Also keeping them in an area protected from unauthorized users accessing it will not only prevent it be stolen and copied but also kept safe from physical dangers e.g. fire or flood • If employees do get hold of the information they can then threaten data through malpractice or through crime • Data privacy is also threatened by the theft of the media • Also physical factors like a fire, flood or even a terrorist attack can ruin an organization as data may be lost forever if its not saved somewhere else
Employees: The employees are said to be one of the main threats to the ICT system. This could be caused by an employee selling important and confidential data to another organization for personal benefits. An employee who has been given the right to go through that important information can use it for his own use.
Human error: It is possible that a person may forget his or her own password which is why it is considered as a good practice to regularly change he passwords. To prevent this from happening, employees can save this important information on floppies or disks as backup. Other dangers such as fire etc. may also harm the backup disks so it is important to keep them in a safe and secure place.
I think the possible threats to ICT systems might be:- Employees *External threats from hackers and crackers *Employees might sell confidential data for personal gain *Data could be lost and passed on through carelessness for e.g. if an employee leaves a laptop prone to theft in an unlocked car *Employee with security rights on a network can make copies of sensitive data quite easily and by using email attachments or removable media, can pass them to an unauthorized party *Employee who is unhappy with some aspect of the organization may also be a threat to its data by committing sabotage, such as deleting or corrupting important files.
Human error *Can forget passwords *Can forget to store the printed copies of information *Backup media needs to be kept in a storage area protected from unauthorized access as well as from physical dangers such as fire and flood. *Employees can threaten data through malpractice or through crime. *Copies should be available from a separate location incase of a data loss *Failure to follow standard clerical procedure can also put the security data at risk.
Viruses *This is an illegal activity *It can delete data or use up system resources to make the computer so slow it is virtually unusable *Viruses can be introduced by removable electronic media such as memory sticks or from an external source via the internet *Most systems have anti-virus software *Most anti-virus software has an automated update system to check for new viruses.
Spyware *Increasing threats from spyware can lead to organisations’ networks becoming more exposed to further attacks *Spyware is installed on the user’s computer and is not always easy to detect *Some of the threats it can cause are : •Data that is stored on the internal computer systems is sent to an external source without you even knowing and certainly without your permission. •Passwords for internet banking might be stolen by the monitoring of keystrokes made by the user when logging on to the bank’s website. •Networks of infected computers could be used to commit further crimes over networks. This would allow hackers to control access to an organisation’s computer system and give them access to all of the business transactions that are taking place.
Data is often the most valuable resource any business has. The cost of creating data again from scratch can far outweigh the cost of any hardware or programs lost.
Loss of data from hacking can have various consequences, WHAT ARE THEY?
14 comments:
Human error
back ups have the potential to be lost of stolen
print outs might not be detroyed properly
individuals or organistations can use the computers illegally
malpractice
Employees
malpractice- when a employee goes against the company ICT code of practice,e.g. leaving a computer unprotected from unauthorised users.
selling information for personal gain.
data could be lost or passed on carelessly
make copy of information and pass it onto unauthorised persons
Employees
There are many threats regarding ICT security. Firstly employees cause a huge threat as the majority of people think that it would be hackers and crackers that they need to be wary of however when surveys were conducted it was estimated that over 50% of threats to ICT systems are caused by the organizations own employees. The way they do this is by the employee selling confidential data for personal gain. Also carelessness is a big problem for example if an employee leaves a laptop prone to theft in an unlocked car. Another point is that employees with sufficient security rights on a network could quite easily make copies of sensitive data and pass it on using e-mail attachments or removable media. Also an employee who is unhappy with the organization and might want to cause havoc for them by committing sabotage on data, such as deleting or corrupting important files.
Viruses
a piece of malicious code which is written by programmers and used to corrupt data and system. It comes in different forms such as worms and trojans.
The main and probably most common 'threat' to an ICT system is Viruses - which is illegal. Virus effects can vary from the simple act of deleting data to transferring data or even disabling system functions.
The biggest problem with Viruses is that they can enter ICT systems in many ways. Such as memory sticks, electronic mail and the internet.
The second factor to consider here is that even though there are measures in place to deal with the threat of Viruses, the threat is constantly changing as new Viruses are written everyday.
~ Baden
Spyware-- installed on the user's computer and not easy to detect.
- data that is stored on internal computer systems is sent to an external sourse withoutthe permission or knowledge of the user.
- passwords for internet banking might be stolen, perhaps by the monitoring of keystrokes make by the users when logging on to the bank's website
- networks of infected computers could be used to commit further crimes over netwroks. This would allow hackers to control access to an organistaion's computer system and give them access to all of the business transactions that are taking place.
Human Error
• Failure to follow standard clerical procedures can put data at risk
• Organizations users are encouraged to change their passwords regularly and that they use characters and numbers as this increases security
• Users shouldn’t make the passwords too long and complicated that they don’t remember them
• Printed copies of information need to be stored securely and shredded when they are no longer needed
• Backup media needs to be protected very well as this have the potential to be stolen and copied, and will contain HUGE amounts of data. Also keeping them in an area protected from unauthorized users accessing it will not only prevent it be stolen and copied but also kept safe from physical dangers e.g. fire or flood
• If employees do get hold of the information they can then threaten data through malpractice or through crime
• Data privacy is also threatened by the theft of the media
• Also physical factors like a fire, flood or even a terrorist attack can ruin an organization as data may be lost forever if its not saved somewhere else
Threats regarding ICT security:
Employees: The employees are said to be one of the main threats to the ICT system. This could be caused by an employee selling important and confidential data to another organization for personal benefits. An employee who has been given the right to go through that important information can use it for his own use.
Human error: It is possible that a person may forget his or her own password which is why it is considered as a good practice to regularly change he passwords. To prevent this from happening, employees can save this important information on floppies or disks as backup. Other dangers such as fire etc. may also harm the backup disks so it is important to keep them in a safe and secure place.
I think the possible threats to ICT systems might be:-
Employees
*External threats from hackers and crackers
*Employees might sell confidential data for personal gain
*Data could be lost and passed on through carelessness for e.g. if an employee leaves a laptop prone to theft in an unlocked car
*Employee with security rights on a network can make copies of sensitive data quite easily and by using email attachments or removable media, can pass them to an unauthorized party
*Employee who is unhappy with some aspect of the organization may also be a threat to its data by committing sabotage, such as deleting or corrupting important files.
Human error
*Can forget passwords
*Can forget to store the printed copies of information
*Backup media needs to be kept in a storage area protected from unauthorized access as well as from physical dangers such as fire and flood.
*Employees can threaten data through malpractice or through crime.
*Copies should be available from a separate location incase of a data loss
*Failure to follow standard clerical procedure can also put the security data at risk.
Viruses
*This is an illegal activity
*It can delete data or use up system resources to make the computer so slow it is virtually unusable
*Viruses can be introduced by removable electronic media such as memory sticks or from an external source via the internet
*Most systems have anti-virus software
*Most anti-virus software has an automated update system to check for new viruses.
Spyware
*Increasing threats from spyware can lead to organisations’ networks becoming more exposed to further attacks
*Spyware is installed on the user’s computer and is not always easy to detect
*Some of the threats it can cause are :
•Data that is stored on the internal computer systems is sent to an external source without you even knowing and certainly without your permission.
•Passwords for internet banking might be stolen by the monitoring of keystrokes made by the user when logging on to the bank’s website.
•Networks of infected computers could be used to commit further crimes over networks. This would allow hackers to control access to an organisation’s computer system and give them access to all of the business transactions that are taking place.
EXCELLENT ANSWERS!!!
Data is often the most valuable resource any business has. The cost of creating data again from scratch can far outweigh the cost of any hardware or programs lost.
Loss of data from hacking can have various consequences, WHAT ARE THEY?
Post a Comment