Making communications land - Are they received and understood as intended? we...
Threats and Security Tips of Computer System
1. 1
Threats and Security Tips of
Computer System
Lecture 8
2. t Threats too ccoommppuutteerrss aanndd ccoommmmuunniiccaattiioonnss ssyysstteemmss
Information technology can be disabled by a
number of occurrences. It may be harmed
by people, procedural, and software errors;
by electromechanical problems; and by
“dirty data”. It may be threatened by
natural hazards and terrorism.
Computer may be harmed by viruses.
Computers can also be used as instruments
of crime. Criminals may be employee,
outside users, hackers, crackers, and
professional criminals.
CIT 3303 2
3. t Threats too ccoommppuutteerrss aanndd ccoommmmuunniiccaattiioonnss ssyysstteemmss
Here we discuss the following threats to
computers and communications systems:
Errors and accidents
Natural hazards
Crimes against information technology
Crimes using information technology
Computer Viruses
CIT 3303 3
4. EErrrroorrss aanndd AAcccciiddeennttss
Errors and accidents in computer
systems may be classified as -
People errors
Procedural errors
Software errors
Electromechanical problems
“Dirty data” problems
CIT 3303 4
5. PPeeooppllee eerrrroorrss
One of the most important part of a
computer system is the people who
manage it or run it.
Quite often, what may seem to be “the
computer’s fault” is human indifference
or bad management.
So, errors may be occurs by people
during data entry and computer operate.
CIT 3303 5
6. PPrroocceedduurraall eerrrroorrss
We know that procedures are
descriptions of how things are done,
steps for accomplishing a result.
Some remarkable computer failures have
occurred because someone didn’t follow
procedures.
CIT 3303 6
7. SSooffttwwaarree eerrrroorrss
We are hearing about “software bugs”. A
software bug is an error in a program
that causes it to malfunction.
Especially with complex software, there
are always bugs, even after the system
has been thoroughly tested and
“debugged”.
CIT 3303 7
8. EElleeccttrroommeecchhaanniiccaall pprroobblleemmss
Mechanical systems, such as printers,
and electrical systems, such as circuit
boards, don’t always work. They may be
faultily constructed, get dirty or
overheated, or become damaged in some
other way.
Power failures can shut a system down
and burn out equipment.
CIT 3303 8
9. ““DDiirrttyy ddaattaa”” pprroobblleemmss
When keyboarding a research paper, you
undoubtedly make a few typing errors.
A lot of problems are caused by this kind
of “dirty data”.
“Dirty data” is data that is incomplete,
outdated, or otherwise inaccurate.
CIT 3303 9
10. NNaattuurraall HHaazzaarrddss
Whatever is harmful to property (and people)
is harmful to computers and communications
systems. This certainly includes natural
disasters: fires, floods, earthquakes,
tornadoes, cyclones, hurricanes, and the like.
Natural hazards can disable all the electronic
systems. Without power and communications
connections, automatic teller machines (ATM),
credit card verifiers, and bank computers are
useless.
CIT 3303 10
11. Crimes aaggaaiinnsstt iinnffoorrmmaattiioonn tteecchhnnoollooggyy
Crime against information technology
include –
Theft of hardware
Theft of software
Theft of time and services
Theft of information
CIT 3303 11
12. CCrriimmeess uussiinngg iinnffoorrmmaattiioonn tteecchhnnoollooggyy
Just a car can be used to assist in a
crime, so can a computer and
communication system.
Criminals use inexpensive
microcomputers with sophisticated
graphics capabilities for illegal purposes.
CIT 3303 12
13. CIT 3303 13
VViirruusseess
Computer viruses are programs that
causes systems to behave in unexpected
and undesirable ways.
Virus can copy itself and damage files.
Spread through floppy disks, Internet
downloads or as e-mail.
Viruses may take several forms. The two
principal ones are boot sector virus and
file viruses.
14. CCoommppuutteerr CCrriimmiinnaallss
What kind of people are responsible for
most of the information technology
crime?
Over 80% may be employees, and rest
are outside users, hackers and crackers,
and professional criminals.
CIT 3303 14
15. CCoommppuutteerr CCrriimmiinnaallss ((ccoonntt……))
Employees: Employees are the ones with the
skill, the knowledge, and the access to do bad
things. Dishonest employees create a far
greater problems than most people realize.
The increasing use of laptops, away from the
eyes of supervisors, concerns some security
experts. They worry that dishonest employees
or outsiders can more easily intercept
communications or steal company trade
secrets.
CIT 3303 15
17. CCoommppuutteerr CCrriimmiinnaallss ((ccoonntt……))
CIT 3303 17
Hacker
An individual who has the knowledge to
illegally break into a computer system or
facility, although he or she does not cause
any harm to the system or the organization.
Cracker
A computer thief who breaks into a system
with the intent of stealing passwords, files,
and programs, either for fun or for profit.
18. CCoommppuutteerr CCrriimmiinnaallss ((ccoonntt……))
Professional criminals:
Member of organized crime rings don’t just steal
information technology. They also use it the way
that legal businesses do – as a business tool, but for
illegal purposes.
For example, databases can be used to keep track
of illegal gambling debts and stolen goods. Drug
dealers have user pagers as a link to customers.
Microcomputers, scanners, and printers can be used
for forge checks, immigration papers, passports,
and driving licenses. Telecommunications can be
used to transfer funds illegally.
CIT 3303 18
19. CCoommppuutteerr SSeeccuurriittyy
Computer security includes the policies,
procedures, tools and techniques designed
to protect a company’s computer assets
from accidental, intentional, or natural
disasters. It covers all components of a
company’s computing environment:
hardware, software, networks, physical
facilities, data and information, and
personnel.
CIT 3303 19
21. IIddeennttiiffiiccaattiioonn aanndd aacccceessss
There are three ways a computer system can
verify that you have legal right of access.
Some security systems use a mix of these
techniques. The systems try to authenticate
your identity by determining –
1. what you have – cards, keys, signatures, badges.
2. what you know – PINs, passwords, digital
CIT 3303 21
signatures.
3. who you are –fingerprint id, voice id, retinal id, lip
prints.
22. PPaasssswwoorrdd SSeeccuurriittyy
A password is a special word, code, or
symbol that is required to access a
computer system.
Choose Strong Passwords. Never use your
name or the name of a loved one, or even a
word in the dictionary.
Use a mix of alphanumeric characters, but
make it easy to remember.
CIT 3303 22
23. PPeerrssoonnaall ffiirreewwaallll
If you are not behind a corporate
firewall, purchase and install a personal
firewall on your computer. This will help
protect your system from many
weaknesses that some worms will try to
use.
CIT 3303 23
25. BBee aawwaarree ooff hhooww vviirruusseess sspprreeaadd
Be aware of how viruses spread and don't
open attachments unless you are SURE
they are genuine. Call the sender if
necessary to be sure they sent the email. Be
sure your system settings are set so you
can recognize potential virus files that may
have multiple extensions such as
filename.txt.exe. If the extension ends in
.exe, .com, or .bat don't double click on it or
run it unless you are SURE it is from a valid
source.
CIT 3303 25
26. AAvvooiidd iinnssttaalllliinngg bbaadd aapppplliiccaattiioonnss
Some computer programs may come with
spyware. Avoiding these can be
important in both securing your system
and keeping your system performance
from being degraded.
A personal firewall is one defense against
this happening because it will normally
notify you when a program accesses the
internet.
CIT 3303 26
27. CCoonnffiigguurree yyoouurr ssyysstteemm
Configure your system so you will see all
file extensions as described on the page
called "Windows File View Settings".
CIT 3303 27
28. BBaacckkuupp yyoouurr ddaattaa
Make frequent backups of vital data and
store it in a different physical location
from the computer.
CIT 3303 28
30. TTeerrmmiinnaall ccoonnnneeccttiioonnss
Don’t leave modem lines or Internet
connections open when you are not using
them. Turn off your computer when you
leave it.
CIT 3303 30
31. AAcccceessss CCoonnttrroollss aanndd EEnnccrryyppttiioonn
Using a PC security package that
demands passwords for computer access
and encrypts data resident on the hard
disk.
CIT 3303 31
32. EEtthhiiccaall IIssssuueess iinn CCoommppuuttiinngg
The Ten Commandments of Computer Ethics
1. Do not use a computer to harm other people.
2. Do not interfere with other people's computer work.
3. Do not snoop around in other people's computer files.
4. Do not use a computer to steal.
5. Do not use a computer to bear false witness.
6. Do not copy or use proprietary software for which you have not paid.
7. Do not use other people's computer resources without authorization or
proper compensation.
8. Do not appropriate other people's intellectual output.
9. Always think about the social consequences of the program you are
writing or the system you are designing.
10. Always use a computer in ways that insure consideration and respect for
your fellow human.
CIT 3303 32