As you saw on pages 38 and 39, there are ways in which information can be damaged, stolen
or lost by malicious action or accidental events. There are many things we can do to limit
the possibility of this happening. This section looks at some of the measures you can take to
protect your data and your personal safety online.
Preventative and remedial actions
It is important to protect both IT systems and their data. Using the following can help:
Physical barriers. These include turning off computers and locking ofﬁ ces when the
systems are unattended to prevent damage by people, the environment (e.g. ﬁ re,
ﬂ ooding, electrical interference) or theft.
Password control of access. Passwords are sequences of characters, known only
to the computer user, which allow access to a computer, network or application.
Passwords should always be strong so that it is hard for someone else to guess them
or work them out.
Access levels. These can be set up to allow individuals to have access to only
speciﬁ c levels of an application and to prevent unauthorised users from accessing
Anti-virus software. This is set up to intercept computer viruses before they can
become resident on the computer. The software can isolate the virus, remove it and
sometimes repair any damage. Equivalent security programs exist for other types of
Firewall. This is a piece of software that monitors all data arriving at your computer
from the internet and all data leaving your computer. It stops anything that it thinks
is harmful or unwanted (such as viruses, spam, Trojan horses and hackers).
encryption. This is used to codify data so that it cannot be read by anyone who does
not have the key to the code. An algorithm, sometimes known as a cipher, is applied
to the data at the transmission end and the reverse is applied at the reception end.
Backup and recovery. Making a backup of data is the only way of recovering from a
total data disaster. Many individuals and organisations back up data to Flash
state storage devices or magnetic tape at night. The tapes are stored safely in a
separate place, so that they are not destroyed by any disaster which could destroy
the master system (ﬁ re, earthquake, etc.). Many types of backup exist, including:
Full system backup of all data held for a speciﬁ c purpose.
Incremental backups of ﬁ les or data that has been changed since the last full
backup. This is faster than running a full back up every time.
Backups to removable media, such as a removable hard drive (if you have a large
amount of data), USB sticks, CDs and DVDs.
It is also possible to back up data across a network (or across the internet) to a server in
a completely separate location (for example, backing up data to the cloud).
Access is often set up on a need-
to-know basis. For example,
sales personnel have access to
particular groups of customers,
supervisors have access to an
area of customers, the sales
manager has access to all
customers but only in the sales
area, and the managing director
has access to all information.
Did you know?
Passwords should be strong.
Thismeans they should:
• be at least 8 characters long
• use a combination of lower
case letters, upper case
letters, numbers and symbols
• be hard to guess – make
sure they aren’t an easy
combination, e.g. abc123, or
something related to you that
is obvious, e.g. your name
and a number.
• avoid dictionary words, which
could be guessed by trial and
BTEC First in Information and Creative Technology
Learning aim C
Possible threats to data 2