Unit 274 Understand the safe use of
online and social media platforms
1. Understand that information stored
on personal computers and mobile devices must be safeguarded.
Email;
emails accounts may be hacked into if the device being used is not suitably
protected via antivirus/antispyware software and a firewall. This can result in
personal information being accessed by unauthorised third parties. Phishing
emails allegedly from secure sites may also be received which encourage you to
visit fraudulent or inappropriate websites.
Web
Browsing; Going onto unsecure or bogus sites and clicking onto links, can
result in your device getting a virus such as a Trojan horse, spyware or a
tracking cookie.
Banking
Online; If you lose or share your log in or account details then you may
experience money being taken fraudulently from your account. Also if you have
been unfortunate enough to get a spyware virus then third parties can view what
you are doing online and gain your account information.
Shopping
Online; When shopping online you need to provide payment details such as credit
or debit card numbers as well as delivery details via the online website. If
you are therefore using an unsecure or bogus site they may use this information
to gain access to your money and not provide the goods ordered. They may also
use your personal information for fake ID.
Social
Networking; without having suitable security settings on your Social Networking
pages, anybody can access your page and view your personal information. Your
pages can also be hacked into and inappropriate pictures and information added
which can be viewed by others.
1.2 Describe the security risks associated with;
Hardware; Hacking
can result in information being taken from the computer memory.
Software; Hacking
can gain unauthorised access to data held on the Software systems of the
computer system
Social Media
Networking; Cyber-stalking, bullying, access to age inappropriate content,
disclosure of private info, online grooming and child abuse, prosecution from
posting offensive or inappropriate comments
Access to
malicious websites; Accessing links to malicious websites can lead to the user
downloading some malicious code that has the potential to steal information on
the user’s computer or mobile device
Access to
inappropriate material published on the internet; as above however this could
also lead to criminal prosecution.
Corrupted or
infected email attachments; Opening these attachments can result in a virus
being stored on the computer which may initially be dormant for a period of
time. This can then send out email messages at random from your sent items to
your contacts with an attachment which when opened will also infect their PC
and possibly the whole organisation network.
1.3 Explain the importance of controlling access to
hardware, software and stored data.
It is
important that only authorised individuals have access to relevant information
on a need to know basis. Therefore access to information needs to be controlled
in line with the organisations policies and procedures as well as Data
Protection regulations.
1.4 Describe the common types of scams and frauds;
a. Phising;
The fraudulent practice of sending emails purporting to be from reputable
companies in order to encourage individuals to reveal personal information such
as passwords and credit card numbers. This has been commonly used to gain
banking details.
b. Pharming;
The fraudulent practice of directing internet users to bogus websites that
mimic the appearance of a legitimate ones in order to gain personal information
such as passwords and account numbers. This is commonly used re online shopping
sites.
c. Hacking;
This is when unauthorised access is used to gain access to data held in a
system, computer or online account
1.5 Explain the importance of developing and maintaining
safe ICT habits.
It is
extremely important to develop and maintain safe ICT habits to ensure all data
and access to it is secure and confidential and that personal information is
protected. Organisations need to comply with the Data Protection Act otherwise
their data licence will be revoked which could lead to the organisation being
unable to continue to trade. Procedures and security settings need to be in
place and renewed/reviewed as required such as antivirus software being updated
regularly and users being encouraged to set secure passwords and renew these
regularly.
2. Know how to select and use
appropriate security methods to safeguard systems and data.
2.1 Describe security techniques /measures that can protect
personally accessed software and data, such as login identity and passwords.
Passwords
should be set by individuals and not shared. These should be in a cryptic
format, not easily remembered or identified by others. They should consist of
upper and lower case letters, and be a mixture of numbers and letters of at
least 6 or 8 characters. Passwords should not be written down except in the
form of a cryptic clue which only the individual could make sense of.
2.2 Describe common ways of controlling access to hardware,
software and data
The same
password should not be used for all hardware and software as if one system is
hacked then all will be. Passwords should be changed regularly. Access controls
can be put onto individual software as well as files and folders stored on it.
Files and folders can also have their own password to only allow authorised
people to gain access to them. For personal computers, parental controls can be
put on to limit the materials that children can access.
2.3 Identify ways to protect data and software
Firewalls,
antivirus and antispyware software need to be installed and updated regularly. Full
scans need to be run using this software on a regular basis.
2.4 Describe the term “virus” and give examples of different
types.
A virus is a
coding which has been created to seriously damage your computer. They can be
spread from one computer to another via emails and attachments, external
storage devices and internet downloads. The following are examples-
Worm; This is a virus that replicates itself
but does not alter any files on your computer. It multiplies and takes up all
of a computer’s available memory or hard disk space.
Trojan
Horse; These are software programs that appear to be regular programs such as
games. However if they are run, the program starts writing over certain parts
of the hard drive, corrupting the data.
Spyware;
This is software that can capture information like Web browsing habits, email
messages, usernames and passwords as well as credit/debit card information to
transmit this data to another person’s computer over the internet.
2.5 Describe the purpose of anti-virus software
The purpose
of anti-virus software is to stop viruses becoming attached to your computer.
Any received will be “quarantined” by the software. Regular scans can be set up
to identify any threats received and eliminated.
2.6 Explain why anti-virus software should be regularly
updated.
These should
be regularly updated as more complex viruses are continuously being produced
therefore you need to ensure your version is able to cope with these. Also they
tend only to be for a limited period therefore they must be updated and
reinstalled before your system is left unprotected.
2.7 Explain the importance of backing up and safely storing
data.
It is very
important that your system is backed up and data stored safely on another
device so that if you are unable to access your files due to corruption or
system failure on the computer then you will have a secondary source.
No comments:
Post a Comment