Data Security

10. Protection Through Software

Using Software Protection

Guarding against breaches in security should be a priority for all organisations and individuals. Using anti-mal(icious) software to help lower the risk of successful attack through viruses, Trojans etc is one precaution that everyone can take.

However, because organisations have multiple employees accessing large quantities of data on a frequent basis, they need to take additional precautions by using specialist software.

Software Security

1. Firewall

Firewalls are special filtering pieces of software that sit between the computer and the outside world. All data and communication between the user and the outside world (in and out) has to pass through the firewall.

Users can set filtering controls or permissions to allow only particular programs to communicate through specific access points (ports) with the outside world. Through effective firewall settings, users can restrict data from particular programs from leaking to the outside.


2. Encryption

This involves using a piece of software that turns data through a number of steps into gibberish. The gibberish can only be turned back into useful data if the user has the 'key' to reverse the process.

It follows that the greater the number of steps involved in the transformation of data into gibberish, the more complex the 'key' and the longer it would take to crack the code.

So good protection involves having sophisticated encryption software and rules or a policy that describes what data should be encrypted and always sticking to it. Without encryption on such things as account passwords or credit card data, hackers would always be able to read it in 'plain text'.

3. Intrusion Detection & Prevention

This is an additional piece of specialist software that actively detects users logging onto protected systems recording the time, date of entry and what they did while logged into the system. The same system actively 'locks' users out of the system after a limited number of attempts.

Intrusion Prevention & Detection
Restricted Priveliges

4. Restrict Privileges

User accounts are associated with sets of privileges which determine what each user can or cannot do and groups of users can be associated with sets of privileges. So for example certain privileges can allow particular groups to view certain data and not others. Or edit or not edit records, to send data or not send data and so on.

Through a tiered access privilege policy, organisations can exert quite a tight control over who can do what with the data.

5. Content Filtering

Similar to the Restriction of Privileges, content filtering uses a series of software controls to limit web sites users can visit and what they can do on the internet, for example download and install software.

The main purpose of content filtering is to stop what's called 'drive-by downloads' where users come across something that sounds interesting and casually downloads it, only to discover later it contains hidden malware.

Content Filtering
Vulnerability Assessment

6. Vulnerability Assessment

Organisations use specialist software to scan their systems for vulnerabilities or weaknesses that might be exploited by hackers. These are often the same hacking tools that hackers use to find possible access points.

In sensitive systems, organisations should perform vulnerability testing on a weekly basis on all internal and external systems in their networks.

7. System Monitoring

Use a system monitoring program which records the behaviour of all users. It tries to spot patterns in user behaviour about where they go, what they do and when they do it. The monitoring program generate alerts, if it spots some unusual user behaviour when compared to what they've done before.

The insider behaviour monitoring can help anticipate breaches by disgruntled employees or hackers working as an employee. The ability the program gives to enable user behaviour to be replayed is of invaluable assistance in investigating security breaches.

System Monitoring

One of the outcomes of this unit is to be able to advise people or companies on how to stay safe. Previous exercises have shown that ignorence is no longer a suitable defence to avoid fines for failing to take adequate protection against hacking attacks. So companies of all sizes have to actively seek out advice on how to prevent security breaches and hacking attacks.

Good advice, especially to organisations, is best given in written reports. So this exercise and those that follow cover the preparation for a final project which will be used for the Unit Assessment.

All computer users are not the same. Businesses vary in size and the extent they use technology, so advice has to be tailored to the users and context. It would be unreasonable for example, to expect a family to take the same expensive precautions as a multinational business that relies on analysing vast amounts of data, like credit ratings ensilages.

The Problem

Fit 4 Life is a small but popular gym, employing 10 people. They only have two computers both of which are connected to the internet. One computer are used to manage membership lists, sending out email reminders concerning membership fees, notices about forthcoming events, news and special offers. They also have popular website which members can use to book sessions and time with personal trainers. Also on the website is an online shop that members and non members can purchase health foods and gym clothes. The other computer is used to manage the business, keeping track amongst other things like business accounts, the staff payroll and payments to self employed fitness trainers who bring their clients to the gym.

The Man with a Plan

The task is to prepare a security plan for the gym Fit 4 Life. This report is going to be developed over several lessons. In what follows we are just going to tackle the start.

  1. Open a new word document. Save it as Security Report
  2. Reports are structured documents and tend to follow a set format.
    1. Begin with a suitable title - its up to you, but it has to be appropriate.
    2. Write a sub-heading with the title Project Brief
    3. Read the problem and describe it your own words. - this is to show that you understand the problem completely and sets the context for your solution.
    4. In the Project Brief section, make clear any assumptions you make about how the computers are be used, the type of data stored, who will be using the computers etc.
    5. Think hard about this section and try to make it as complete as possible. As it sets the direction for the remainder of the report. And its against this that the rest of the report will be judged i.e. Did you manage to do what you set out to do in the project brief.
    6. While it has to be complete as possible at the start, don't worry too much if you forget anything. You can always come back and change it.
  3. Create a sub-heading Software Protection
    1. Set out what precautions the gym should take with regards to software and the reasons why.
    2. This section should tie in with some of the assumptions made with respect to the use and types of software used by the business in the project brief.
  4. Get you report checked by a teacher before moving on.

Can you now do?

  • Identify two different software precautions that could be taken to enhance data security.
  • Explain for each software precaution provided how they enhance data security.
  • Understand the need for formal reports and know how to prepare a Project Brief at the start of any project.

If you don't feel confident in meeting any of these performance criteria, ask your teacher or re-read the information again.

Cyber Security

  • Security Fundamentals
  • Data Security
  • Digital Forensics
  • Ethical Hacking
Supporting courses by the SQA Logo
css badge
html badgee