P2Locks prevents unauthorised access to a building or a room.They are used to secure doors, containers or lockers. The main locks thateveryone uses a key system to open.
Each lock needs a specific key for it to beopened and only that one key can open that one lock. To prevent unauthorized access to buildings, all possible ways of entries needto be locked with these locks so that no one can just open the door and walkin. Only employees and people that have the keys to the locks can enter thelocked room or building.Locks help to keep systems secure as it prevents unauthorizedaccess to be able to use or take systems and items in the rooms with valuabledata. Visitor passes is a system used by businesses to givevisitors from outside the business temporary access to a building or a room.The passes are in the form of a card hanging around the visitor’s head to letthe authority of the building know that they are visitors. Visitor passes givevisitors access to rooms and buildings but they may still be restricted toaccess or use some systems or still not be able to access every room in thebuilding. Visitor passes need to be on display so that the employees know thatthey have permission to access rooms etc.
This helps to secure systems as the employees and authoritieswill know who is a visitor and who may be a say thief trying to stealinformation and data as visitors will have a card around their neck showingthat they are allowed access. Sign in/out systems are used to keep track of employeescoming in and out of the building. This is so that the employers know exactlywhich employee is in the building and which one isn’t at any given time. In/outsystems can also be implemented with doors leading into rooms with valuableinformation.
This will help keep systems secure as say for example ifsomeone steals from a room, the employers can check the logs to see who lastentered or last left the room to the figure out who stole the data. Biometrics are a form of authentication. Biometrics securitysystems will identify people by checking for certain face features andcharacteristics. Retinal Scanners scans people’s retinas which is in the humaneye. It beams an infra-red light at the person’s eye, the person’s retina atthe back of the eye will absorb and reflect a certain amount back at themachine.
The machine then identifies employees from the information itreceived. Since no two retinas are the same, it will be hard for people whodon’t have their retinas in the data base to enter the protected area. Thiskeeps systems secure as only the employees retinas that are saved in thedatabase will be able to access the protected areas, this keeps unauthorizedaccess away from areas that have valuable information and data.
Biometrics are a form of authentication. Biometrics securitysystems will identify people by checking for certain face features andcharacteristics. Fingerprint authentication is one of the biometrics securitymeasure, this uses the persons finger prints to allow access to room or abuilding. Since every person in the world has a different fingerprint, only thepeople who have scanned their fingerprint in the database to allow access areable to enter the room or building. This keeps systems secure as only people with thefingerprints scanned into the data base are able to access the rooms and thebuilding that are protected with the fingerprint scan. Biometrics are a form of authentication. Biometrics securitysystems will identify people by checking for certain face features andcharacteristics.
Voice recognition works by listening to the person’s voiceand it compares it with the voice that is stored in the database with all thevoices of the authorized people. If it sounds the same then it will allowaccess to the person and unlock the door to the area.The keeps systems secure as only people with the right voicewill be able to access the area protected by the voice recognition securitysystems. A security guard is a person employed to protect a buildingagainst thief’s and intruders who are trying to damage or steal the datainside.Security guards prevent data from being stolen or damaged byapprehending any intruder and protecting and looking after the data at alltimes. Cable shielding is used to protect cables from anyinterference that may occur electrically and to stop wiretapping; third partydevices connected with the mainframe wires, from occurring.
It is importantthat the cables that are used for transferring valuable data and information asthis will then keep the information and data from being stolen or corrupted. Ifthe information and data cables are not kept secure they can be hacked tomonitor the business’s data and information being inputted and outputted. Cable shielding keeps systems secure as they protect cablesthat are transferring valuable data and information of the business by stoppingany electromagnetic interference to be able to corrupt the data passing throughit. P3Configuring a firewall into your system will protect it fromany unauthorized access from connecting to your network. It acts as a barrierbetween a trusted network and an untrusted network.
It controls who is allowedto come in and out of a network. This keeps systems secure as itblocks any unauthorized access from connecting to your network and them havingthe intention of stealing your data, having a firewall will prevent this fromoccurring. Virus checking software scan your computers files and memoryto detect any viruses that may be inside your computer. When the softwaredetects a virus it then removes the software viruses from the computer so itdoesn’t cause any damage.
An example of a virus checking software is McAfee.This keeps systems secure as removing a virus from a computeris vital to protect all the computers data and information as a virus is a codeor program written to alter the way a computer operates and potential corruptthe computer. A virtual private network allows a private network to bespread across to a public network safely, and it enables users to send andreceive data across shared networks. Applications and software’s running on aVPN may therefore be more functional. Majority of business use VPN to connectremote data centres, meaning that employees can use VPN to access networkresources without being in the same local area network.
This keepssystems secure as it ensures the level of security to the connected systems aregood when the normal network cannot provide it. It can also improve performanceof a network and make receiving and sending data a quicker process. An intrusion detection system is a security management systemfor computers and networks. It looks for any suspicious patterns in a networkor a computer by gathering information from the user’s activities to theintegrity of files, and then analysing it to identify possible breaches whichincludes from outside the organization and inside the organization.This keeps a system secure as it will be able to pick up onany breaches that may occur from inside the organisation or from outside theorganisation, and it can inform the user that there may be a breach which canthen mean the user has more time to fix this breach as if there was no intruderdetection system, the user will only know that they have been breached once thebreach happens and by that time a lot of damage may have been done.
Passwords are a code that you type in to protect your accountwith. Only by typing in your password you will be able to enter your account.It is crucial to pick strong passwords that are different for each account youhave.
This helps to secure your systems as only the people who knowthe password will be able to access the data inside the accounts. Preventsanyone who is unauthorised from entering the account and using the data inmalicious ways. Levels of access to data is a procedure for computer systemswhere the administrator of a network of computer where different employees havelimited access to certain applications on the computer. Low level users canaccess only a limited set of information, whereas the higher level users canaccess the more sensitive information on the computer.This keeps systems secure as it prevents low level users fromaccessing data that the administrator might not want them to be able to access. Software updating is when softwares and applications gothrough a procedure where they add and repair things to better the software/application. Updates are usually done when a problem is found by the users orthe software developer and a fix is needed.
Installing the update fixes the codeand prevents the problems from happening on your computer again.This helps keeps systems secure as hackers can find flaws insoftwares which allow them to gain access of your computer and the data insideit. Regularly updating the softwares and applications in your computer willensure that there are little to no flaws that can be exposed. Audit logs are files that are saved with the history of auser on a network.
It can record what time a user logged on, which files theyopened and what they changed and even which keys they pressed. Audit logs allowcompanies or schools to control what their employees or students are doing ontheir computers. If someone has gone on a website or used a software that theyare not allowed to, the manager or teacher can find out with these auditlogs and investigate and block the websites that are not acceptable.This helps keeps systems secure as it keeps users under anetwork to not be able to go on websites that are not meant for work or schoolas it has been blocked by the authorizer. Diskless networks are what the name is. It is a network ofcomputers that store data on the internet instead of in the disks in the diskdrives. This helps keeps system secure as if data was stored on disksand the disks or computer were stolen, all the data would have been lostwhereas if diskless networks is used then the data is still in the internetwhere it can be accessed. The “Handshake” is the process of establishing a connectionof one computer with another computer.
It verifies the connection, the speed,or the authorization of the computer trying to connect to it. An example couldbe when a telephone connects to another telephone, the sounds of cracklingheard after the dialling is the “handshake” and it is how we know the telephonesare safely connected.This helps keeps systems secure as because since the both thetelephones have different capabilities to each other, they have to sendinformation to each other so that they can settle on the highest transmissionspeed they can both use. This prevents any interruptions and echo interruptionin the call.M2Encryption is a great method for providing data security. Itis used on the internet to protect user’s information that is being sentbetween a browser and a server, including payment information and otherpersonal information. Encryption is a computer language, and what it does is itscrambles up data including plain text or binary code into somethingunreadable.
The encrypted data is then almost impossible for hackers to gain accessto as the text or code is not seen as the original form. Only the user thatencrypted the code will be able to decrypt the code with their decryption key. The public key is what its name says, public meaning it isavailable to use for everyone via a directory.
On the other hand, the privatekey can only be used by its owner. When data gets encrypted with network keysbecause the key pair is mathematically related, whatever was encrypted on apublic key can only be decrypted by its corresponding private key.For example, if I wanted to send data to my friend jack, andI wanted to make sure that only my friend Jack was able to see that data, Iwould encrypt my data with Jacks public key.
And because only jack has access to his private key, he willbe able to decrypt it with his key as it is correspondent with his public keythat I encrypted the data with, he will be able to decrypt it and gain accessto the data I sent him. VPN stands for virtual private network. Having a VPNinstalled in your network means that all the information that you send toothers across that network is held inside a private and encrypted tunnel as itmakes its way through the public internet.
This means that you are not able toaccess the information inside that tunnel until it has reached its destinationor the person with the VPN credentials logs on to the server. VPN can be used in a work environment. A mobile user whoneeds access to sensitive information from a higher authority work server canbe given the VPN credentials to log in to the server when away so that he canaccess the files. Call backs can be referred to a few things one being:Call back is a system of codes used for protecting a computernetwork where a user calls into their computer or a computer, the computer thenchecks the person’s username and password then ends the call and calls back onthe number with the same username and password to verify the person trying toaccess the computer. Call back is also a function in programming which ispassed as an argument to another function.
The call back is later then calledwhen the appropriate conditions are met.D1An incremental back up one of many types of back up methodswhere it only backs up or copies the files that have been changed or editedsince the last back up. Advantages – • Fewer filesare backed up daily, allowing for quicker backups.Disadvantages – • If a fullback up is occurring, meaning a full restore, the latest full back up and allthe incremental backups must be then restored together, which can take a longamount of time. A differential backup is another type of back up that backsup and copies all the data that has been changed or edited since the last fullback up.Advantages –• This typeof back up saves storage space because the process is faster than a full backup and only backs up the data that has been changed.Disadvantages – • Every time afull back up is being done, the data changes in a differential backup becomeprogressively bigger meaning it will keep on taking more and more space leadingto the whole back up process being longer. A whole system replacement would usually only happen in casesof huge disasters like an earthquake or a fire burning down the buildingmeaning damage would have been done to your system and you weren’t able to useit anymore.
It’s when you have tried everything in your power to restore yourdata but the data is lost or destroyed. This usually mean you have to start upyour systems all over again or if you have a backup system on another site youcan have that replace your current system temporarily. Advantages –• All thebugs and viruses are also destroyed with the data.Disadvantages – • You have tostart your business all over again, this may take a very long time.• You willlose customers and a lot of money will be used to the rebuilding process.
• It will alsomean loss of service as your website will be down. A whole system replacement would usually only happen in casesof huge disasters like an earthquake or a fire burning down the buildingmeaning damage would have been done to your system and you weren’t able to useit anymore. It’s when you have tried everything in your power to restore yourdata but the data is lost or destroyed. This usually mean you have to start upyour systems all over again or if you have a backup system on another site youcan have that replace your current system temporarily. Advantages –• All thebugs and viruses are also destroyed with the data.Disadvantages – • You have tostart your business all over again, this may take a very long time.
• You willlose customers and a lot of money will be used to the rebuilding process.• It willalso mean loss of service as your website will be down. A whole system replacement would usually only happen in casesof huge disasters like an earthquake or a fire burning down the buildingmeaning damage would have been done to your system and you weren’t able to useit anymore. It’s when you have tried everything in your power to restore yourdata but the data is lost or destroyed.
This usually mean you have to start upyour systems all over again or if you have a backup system on another site youcan have that replace your current system temporarily. Advantages –• All thebugs and viruses are also destroyed with the data.Disadvantages – • You have tostart your business all over again, this may take a very long time.
• You willlose customers and a lot of money will be used to the rebuilding process.• It willalso mean loss of service as your website will be down. There are 7 tiers of recovery after a possible disaster and aloss of a whole system. The tiers identify how bad your system is after thedisaster and how long it will take to fully recover your system.Tier 0: No off-site dataThis tier is the worst tier, as it is when the company has noback up plan, no disaster recovery plan or a plan to recover their systems.
This leads to the time of recovery being unknown as it could take many monthsto fully recover systems. Tier 0 is typically the tier that you want to avoid beingcategorized in as it means you are more likely to lose data and more likely totake longer to recover.Tier 1: Data back up without a hot siteThis tier is where the data of the system is backed up andtransferred to an offsite facility. Where if data were to be sent back, thedata would still be there but it would come in a delay of a few days or more. Tier 1 guarantees that the data of your systems is still outthere somewhere, but it comes in the price of time, meaning the data will beaccessible by the company in a delayed time.Tier 2: Data back up with a hot siteCompanies can use this system for tape backups, so when aback of their data is needed, they make use of an alternate site called a hotsite, where the data can be restored.This tier is the same as tier 1 but it just takes less timeto recover all the data if a whole system replacement were to occur.
There are 7 tiers of recovery after a possible disaster and aloss of a whole system. The tiers identify how bad your system is after thedisaster and how long it will take to fully recover your system.Tier 3: Electronic vaultingThis tier uses the method of tier 2, but also uses a VPN orsecure networks to make sure that the data being streamed back cannot be hackedor accessed by any unauthorized access.The data is constantly being streamed to a remote locationand under a secure network, meaning the backup data cannot be destroyed orhacked.Tier 4: Point in time copiesA point in time copy is where the data in the system iscopied as a snapshot. This means that all the data is exported or saved intoone complete file. This is beneficial as it saves up a lot of space and takesless time to recover and restore the data back onto the system.
Tier 5: Transaction integrityThe integrity of the data is verified from the production andhot site locations. This is done to eliminate any worries of the data beingdamaged or corrupted. This helps to keep the data secure and to make sure thatthe data being sent back is the correct data.There are 7 tiers of recovery after a possible disaster and aloss of a whole system.
The tiers identify how bad your system is after thedisaster and how long it will take to fully recover your system.Tier 6: Zero or near zero data lossThis is one of the good categories to be in because it meansthat your company has plans and solutions in place for when disasters occur andhaving data being backed up regularly so that when you do restore data from abackup it is up to date and the data is very accurate. This means that your data will be recovered quicker with nointerruption or any doubt of corruption or hacking occurring.Tier 7: Data back up without a hot siteThis tier is the best tier, it is basically tier 6 but thewhole back up process is automated meaning that when a disaster occurs, anothersystem off site is there already transferring data back into the system in acouple of minutes.This is where virtually no data is lost and no harsh methodsof recovery is needed. The 7 tiers can be helpful as it can tell you which tier ofrecovery your company is in if a disaster occurs and the higher up on the tiersystem you go, the less downtime and loss of data your systems have and a moresecure back up of your systems will be present.
Knowing that your company is on a tier 5 or above after adisaster can be a great relief as your company will be up and running e.g.websites, stores, building etc. will be up and running in no time as the backupof your data will have been secure and back into your main systems in no time.
On the other hand, knowing that your company is on a tier 4to tier 1 is a really sad feeling as you know that it will take a lot of timeand money to restart your systems and regain all the data for your systems tofully restart.If your company is on a tier 0 meaning that no data has beenback up or recovered or all of your data has been lost. This means that youhave to start your company all again from scratch with no data in your systemto aid you.
Disaster recovery policies are procedures and methods createdby a company to make sure that the employees and people working for thatcompany know what the plan is to recover the data and systems of the company.Advantages –• Anadvantage to this is that having a plan for recovery if a disaster occurs meansthat you are prepared for when the disaster does occur, meaning you will knowexactly what to do when it occurs.• Anotheradvantage is the employees of your company will also be in happy mood as theyknow there is a plan implemented for a recovery.
Disadvantages – • The plan orpolicies that have been made may be inaccurate or wrongly planned.• The size ofthe disaster may not be accounted for in the plan meaning that if the disasteris very big and your systems have been physically damaged, there may not bepolicy for that to be recovered properly.