ST CLEMENT’S SECONDARY SCHOOL

COMPUTER SECURITY
CHONGO MK MARIO

SENIOR LEVEL GRADE 10

 SECURITY POLICIES

AND

CHONGO MK MARIO
TERMINOLOGY
 WHAT IS A SECURITY POLICY?
▪System Security policy is a policy that formally describes
how the organisation deals with security issues.
▪It stipulates the responsibilities of the organisation and its
employees.
▪It sets expectations for the conduct of their staff or
members on the computer system or network and lists
security measures and procedures that have to be followed.
CHONGO MK MARIO
 WHY IS SECURITY POLICY
NECESSARY?
▪The physical computer equipment and infrastructure
need to be protected against abuse, damage and theft.
▪The organisation data is stored on the computer system
must be protected.
▪Personal information about clients and business must be
protected
CHONGO MK MARIO
SECURITY POLICIES
▪Acceptable use policy
▪Password protection policy
▪E-mail policy
▪Software installation policy
▪Web access policy
CHONGO MK MARIO
▪Disaster recovery policy
▪Data backup policy
▪Data encryption policy
▪Workstation protection policy or physical
resources protection policy
▪Privacy policy
CHONGO MK MARIO
ACCEPTABLE USE POLICY

•It spells out clearly what every employee or

member of the organisation may or may not
do on the computer network.

CHONGO MK MARIO
PASSWORD PROTECTION POLICY

▪This makes the employees responsible for

protecting their passwords.

CHONGO MK MARIO
SOFTWARE INSTALLATION POLICY

▪It specifies who may install software and what

software may be installed on a system.

CHONGO MK MARIO
E-MAIL POLICY

▪This specifies which employees have access to

e-mail at work.

CHONGO MK MARIO
WEB ACCESS POLICY

▪This specifies who may access the internet and

what may be accessed on the internet as well
as whether the internet can be used for
personal purposes.

CHONGO MK MARIO
DATA ENCRYPTION POLICY

▪It states which, if any document or file must be

encrypted and how they will encrypted.

CHONGO MK MARIO
PRIVACY POLICY

▪This specifies the protection of personal

information of both employees and clients.

CHONGO MK MARIO
 EXERCISE
(a)Teachers at St Clement’s secondary have to go through
logon procedure to gain access to the school computer
system.
(i) Which policy is responsible for protecting their passwords?
(ii) which policy specifies the protection of teacher’s personal
information?
(b) State two reasons why it is important to have a security
police at school
CHONGO MK MARIO
 SECURITY CONCERNS

CHONGO MK MARIO
▪Hardware failure
▪Accidental damage of critical data through human error
▪Disasters such as flood, fires and earthquakes
▪Computer viruses
▪Unauthorised access to the system
▪Theft of data and hardware
▪Loss of data on the memory sticks and external hard disks
CHONGO MK MARIO
HARDWARE FAILURE

▪Computers and their storage media are

physical devices that can break at any time.
▪This could be disastrous for an organisation
such as banks or any business or private
individuals.
CHONGO MK MARIO
 PROTECTION AGAINST HARDWARE FAILURE

▪Backup using DVD, CD, USB memory sticks or

external hard disk.
▪Make use of cloud computing.
•Cloud computing is the use of online software
application and storage on the internet
CHONGO MK MARIO
CONCERNS ABOUT CLOUD STORAGE

▪You need to trust an external service provider

with security of your data.
▪You need to have access to the internet
▪Any employee with access to this storage can
access the data from anywhere.
CHONGO MK MARIO
 HUMAN ERROR
• Making mistakes when capturing data.
• Not entering all the data provided
• Saving files in the wrong place and then not remembering
where they are computer bugs. These are errors in the actual
code of computer program that cause unexpected or
erroneous behaviour or results.
• The programmer has made a mistake, causing the program to
CHONGO MK MARIO

make logical errors.

 PREVENTING HUMAN ERROR
▪Build good interfaces that do error-checking as the user enters data.
▪Build data verification processes into your system security policy. Data
verification is the process to check if data entered is correct.
▪Build data validation. To check correct data format, no fields have
been left empty.
▪Use barcode readers
▪Use system security settings that prevent users from deleting, changing
or even viewing important data
CHONGO MK MARIO
 POWER FAILURES

▪When a computer shuts down unexpectedly,

such during power failure, there may be files
open that have not been served. The content
that have not been served could become
corrupted.
CHONGO MK MARIO
 PROTECTION AGAINST POWER FAILURE
▪Install UPS (uninterrupted power supply) to protect
sensitive computer equipment.
• UPS can supply battery power to a device for a short while
so that files can be saved and computers and servers shut
down.
• UPS is able to smooth out the power supply and protect
devices against power surges that could blow sensitive
electronic components.
CHONGO MK MARIO
CHONGO MK MARIO
PROTECTION AGAINST POWER FAILURE

▪Install special generators

▪Save your work regularly
▪Make regular back up

CHONGO MK MARIO
 DISASTERS
▪Disasters such as storm damage, lightning
strikes, fires, floods and earthquakes can
completely destroy a computer system.
▪A complete disaster recovery is required, this
includes backup of all data offsite.
▪Cloud computing is needed
CHONGO MK MARIO
 EXERCISE
Computer systems can be affected in various ways
which could lead to data corruption.
(a)Give two ways that data might be corrupted.
(b) Suggest the method of protection.
(c)How is a password verified?

CHONGO MK MARIO
 COMPUTER VIRUSES AND SIMILAR THREATS
▪Computer viruses fall into a larger category called
malware.
•A malware is any computer program that is unwanted
and that has installed on a computer without the
permission of the user, usually to perform a non-
beneficial activity.
CHONGO MK MARIO
 COMPUTER VIRUSES
▪A computer virus is a small computer program that
has been written to cause damage to computer files or
data.
▪They are executable programs that attach themselves
to a program or file and are then spread from
computer to computer infecting more and more over
CHONGO MK MARIO

time.
 COMPUTER WORMS
▪A computer worm is different from a virus as it does not
attach itself to a particular file.
▪It is able to duplicate itself and spread easily through a
network and via e-mail.
▪It does damage to a computer system by using all
available bandwidth or by rewriting data to use for
negative activity and slows down network activity.
CHONGO MK MARIO
TROJAN HORSE
▪It appears to be a useful software, but once
installed on a computer the program does
damage to the system.
▪It compromises the security of the computer by
allowing unauthorised access to the computer
system.
CHONGO MK MARIO

▪Trojans do not duplicate themselves.

CHONGO MK MARIO
 SPYWARE
▪It collects various type of information from
web browsing habits to logging the keystrokes
that the user performs on the computer.
▪This can be used to gain knowledge of
usernames and passwords that can then be
used for further illegal activity.
CHONGO MK MARIO
ADWARE

▪It is a software that displays advertisements

on your computer.
▪It is harmless, but advertisements popping up
all the time can be annoying.
CHONGO MK MARIO
PROTECTING A COMPUTER SYSTEM AGAINST
MALWARE
▪Install good anti-virus software
▪Organisations should have acceptable use
policy
▪Put up control software
▪Set computer security system settings on a
CHONGO MK MARIO

network.
 EXERCISE

Computer systems can be affected by viruses.

(a)What is a computer virus?
(b)Give one effect of a virus.
(c)How can the system be protected from viruses?
(d)Why would backing up data not guard against
the effect of a virus?
CHONGO MK MARIO
 UNAUTHORISED ACCESS

▪Hackers bypass the security on the computer

systems or network.
▪Hackers access a system only to prove that
they can overcome the security measures put in
place. The serious threat is cracker. A cracker
overcomes security measures with the intention
to do harm like stealing data.
CHONGO MK MARIO
CHONGO MK MARIO
 MEASURES TO PREVENT UNAUTHORISED ACCESS
▪Users to change their passwords on the regular basis.
▪All users need to be educated about password security and put strong
passwords.
▪Important and confidential data should be password-protected and
encrypted.
▪Computer system must be protected by firewall.
• A firewall consists of hardware and software that monitors all
incoming and outgoing traffic on a network.
CHONGO MK MARIO

• It also hides and protect the network against intrusion.

PREVENTION OF HARDWARE THEFT
▪Use burglar alarms and burglar bars
▪Security guards
▪Access controlled areas that require PIN codes or
biometric scans.
▪Locks and cables that lock equipment to permanent
fixtures.
CHONGO MK MARIO
 PREVENTION OF DATA THEFT
▪Encryption and use of passwords
▪Disabling DVD drives and USB ports so that data
cannot be copied
▪Using firewalls
▪Limiting access to e-mails and the internet to only
trusted personnel.
CHONGO MK MARIO
CHONGO MK MARIO
 SECURITY PROFESSIONALS

CHONGO MK MARIO
 SECURITY PROFESSIONALS
▪ A computer security policy must be developed by the management of the organisation.
▪ IT staff must be involved to inform decision makers of what is possible given structure of
the particular system and the facilities available.
▪ The chief security officer is responsible for overall security system in an organisation.
▪ Network administrator looks on the security of the network.
▪ Hackers to test for weak points in their security systems.
▪ Computer crime investigator
▪ Disaster recovery experts
▪ Anti-virus and anti-spyware software developer
CHONGO MK MARIO
 EXERCISE
• To gain access to a database, a user must type first in the user ID and then
a password which needs to be verified.
(a)What is data verification?
(b)In spite of these safeguards, unauthorised access to the database is still
possible. What could be done:
(i) to prevent data being used by unauthorised people?
(ii) to prevent data loss once illegally accessed?
(c) Suggest two possible backup devices that can be used to store data
(d) State two security professional that can help in computer security.
CHONGO MK MARIO
 +260 969 413 288

CHONGO MK MARIO
REFERENCE

1. Computer Science thinking process (2017)

2. R Banda, B Dill (2015) Longman Computer studies grade
10

CHONGO MK MARIO