8.3 Security of data
Security of data is an effort one makes to keep their data safe and unchanged by restricting access to it, reducing the chance of malicious damage. Hence we are going to discuss the ways which you can protect the information that need to be protected online or else called information assets as safe as possible.
- Identity theft
Identity theft is a type of fraud where personal information is stolen and used to impersonate that person. Usually used to gain something using the stolen person's details such as applying for a loan under someone else's name.
- Spam
Junk email that involves a bunch of nearly identical emails being sent to lots of people. It usually tries to persuade you into doing something. Spam emails are sent by a malware called botnets.
- Hacking
Meanwhile hacking is the gain of unauthorized access to data in a system or computer. Hacking is a very broad term that can be done through many ways which are:
• Phising:
A criminal activity trying to find sensitive informations such as passwords or banking details by fraudster means.
• Pharming:
Happens when a hacker installs a malicious program on a computer or a server. This programme code causes any clicks that is made on a website redirect you to another website without your consciousness.
• Spyware:
A malware designed to be installed secretly on a computer. Records private information or activities made by the users, transmitting it to the installer.
•Vishing:
This is taken from the words voice and phising. When fraudsters obtain information of a victim through landline telephones.
• Smishing:
The use of mobile messaging to lure victims into clicking a link or returning their calls where they obtain information.
What effects does hacking have?
Hackers would be able to view all of your private information stored, being able to impersonate you online which leads to many things such as mentioned identity theft. It could also lead to potential lost of all data as hackers might change or delete files.
Protection against hacking:
When not connected to a network, make sure that it is never left unattended and logged in for anyone passing by to access. But when it is connected to a network, people would need login information to access which can be obtained through many ways such as phising, farming and all those mentioned above with methods of safeguard against them. This mau also be prevented by installing a firewall and the encryption of sensitive data.
Credit card fraud:
A broad term used to describe the activity of fraud that is committed using a payment card. The purpose of it is to mainly steal or get things via someone else's funds. There are many methods of credit card fraud such as:
- Shoulder surfing:
Obtaining login names, passwords, credit card and pin numbers by observing them real time as someone enters them.
- Cloning:
Otherwise known as skimming, it is the act of copying a stolen card information to a new card.
- Key logger:
Short for keystroke logger, it is a type of malware that records individual key strokes that are recorded on a computer's keyboard to obtain pins and numbers.
Protection of Data
- Biometrics:
Biometrics is a protection data that uses technology to analyse unique personal characteristics as a form of identification so data can be protected
example :fingerprints, face recognition, handwriting, and Voice patterns
- Encryption:
Encryption is a process of converting information or data into a code to protect it from unauthorized access. It is a fundamental technique in computer security and privacy, and it's used to ensure the confidentiality and integrity of data during transmission or storage.
Here is the example of encryption:
Plaintext: "HELLO"
Key: 3
In this example, we'll shift each letter in the plaintext three positions to the right in the alphabet to encrypt it:
H becomes K
E becomes H
L becomes O
L becomes O
O becomes R
So, the encrypted ciphertext is "KHOOR."
To decrypt this ciphertext, you would shift each letter three positions to the left:
K becomes H
H becomes E
O becomes L
O becomes L
R becomes O
And you get back the original plaintext, which is "HELLO.“
-Digital certificate:
a digital certificate is a form of identification like passport or ID card, It lets the encrypted message know the public key sources. most browser usually has a padlock on their website, that shows the website is secure.
-The SSL (Secure Socket Layers)
SSL/TLS is a crucial technology for securing online communications. It ensures that data transmitted between a client and server is encrypted, maintains its integrity, and can be authenticated to prevent eavesdropping and tampering by malicious actors.
-Data security in cloud (cloud computing)
Cloud computing is when data and programs are stored in a centralists place on the internet not the hard drive on your computer.
Firewall
A firewall is a network security device or software that is used to monitor and control incoming and outgoing network traffic based on an organization's previously established security policies. Its primary purposes are to:
-Security :
Firewalls act as a barrier between a trusted internal network and untrusted external networks, such as the internet. They filter and block potentially harmful traffic, protecting the internal network from unauthorized access, cyberattacks, and malware.
-Access control:
Firewalls can restrict access to specific resources or services based on predefines rules. This helps in controlling who can access what on the internet
-Network segmentation:
Firewalls can segment a network into different zones, each with varying levels of security. This is useful for isolating critical systems from less secure parts of the network.
-Authentication:
An authentication method is used to identify a user who has the produce evidence Example : password, personal data and so on
-User ID and password
A user ID and password are credentials used to authenticate and verify the identity of an individual or system trying to access a secure account, computer system, or online service.
No comments:
Post a Comment