Comply with procedures for the use of organisational


comply with procedures for the use of organisational information systems. Where organisational procedures are unclear or fail to anticipate potential problems, users may often ignore established methods, act on their own initiative or perform tasks incorrectly.

Failure to carry out backup procedures or verify data backups. In addition to carrying out regular backups of important business data, it is also necessary to verify that any backup copies made are accurate and free from errors.

Update query: Used to change records, tables and reports held in a database management system.
MITS4001 28 Copyright © 2018 VIT, All Rights Reserved Lesson 9

Natural Disasters

• All information systems are susceptible to damage caused by natural phenomena, such as storms, lightning strikes, floods and earthquakes.
• In Japan and the United States, for example, great care is taken to protect critical information systems from the effects of earthquakes.
• Although such hazards are of less concern in much of Europe, properly designed systems will make allowances for unexpected natural disasters.

Sabotage

• Deliberate deletion of data or applications

Logic bomb: Sometimes also known as a time bomb, a logic bomb is a destructive computer program that activates at a certain time or in reaction to a specific event.

Back door: A section of program code that allows a user to circumvent security procedures in order to gain full access to an information system.

Data theft: This can involve stealing sensitive information or making unauthorised changes to computer records.

• Accidental deletion

Unauthorised use

Hacker: Hackers are often described as individuals who seek to break into systems as a test of their abilities. Few hackers attempt to cause damage to systems they access and few are interested in gaining any sort of financial profit.

Cracker: A person who gains access to an information system for malicious reasons is often termed a cracker rather than a hacker. This is because some people draw a distinction between ‘ethical’ hackers and malicious hackers.

Control strategies

• Containment: Control access to system
• Deterrence: Penalties for staff or hackers
• Obfuscation: Hiding or distributing information assets
• Recovery: Recovers data after breach

Control techniques

Physical protection uses physical barriers, for example, restricted access to rooms and equipment.

Biometric controls make use of the unique characteristics of individuals in order to restrict access to sensitive information or equipment.
