Embed Size (px)
DESCRIPTION
This is a presentation about how system breaches can affect computer systems and data in business. This is part of my IT coursework*
Citation preview
Impact on IT System BreachesAJAY JASSI
How an organisation’s IT systems can be breached
I.T systems need a variety of security features to prevent their systems from being breached.
The easiest method of getting onto an organisation's network without knowing any protection passwords is by using a Ethernet cable in the site. This will enable the user accessing data that has been stored and shared on the network. A security feature to prevent this is by using a MAC filtering.
Emails in the organisation can be hacked easily by guessing a simple password, or by asking general questions which may possibly be their security question if they had forgotten their password.
Removable data devices can be used to steal data by transferring the items or by physically stealing the organisations devices which has backups stored onto.
Common security threats
These common threats are mostly internally done.
The main cause of this is untrained and unprofessional staff and employees. This is mainly from them being un-protective and are being lazy to look after data as the possible treats may not affect them or aren't aware about them.
Another threat is malware, which can be affected with weak firewalls and security protection software on the computer systems.
Potential impacts of security threats
This may have impacts on the businesses profitability, as more money will be required to spend to maintain and repair the I.T systems, data and the networks . This will cause them a long-term effect as they will need to take out loans in the future.
If another business has got records and data of the business, they can used this a threat to compete with them by offering cheaper deals and offers to the same audience and customers. This will ruin the businesses reputation as existing and new customers will choose the other business offering better and cheaper services.
Potential threats This is when danger is found which can harm the system, which is detected by the computer security.
Botnet attack This is also known as Malware. It occurs when performing tasks on the internet.
These happens without the user knowing by spreading from emails, servers and fraud attacks.
Spam This is an electronic virus which is hidden in fraud emails.
These are sent over through the internet by adverting fraud.
Adware This is a software which automatically downloads in the background advertising pop-ups when online, and popup is opened.
Trojan This is a hacking program which is not self-replicating.
These attack on the operating system while performing on unsecure webpages.
worm This is a standalone malware which is on the computer that spreads to others by the network and servers.
Spyware This is a software which monitors and receives information from other computers. These are installed by popups and without the user knowing in the background.
Most common potential threats
The most common potential threats are Worms, Trojans, Spam, Spyware and Adware. Worms, and Trojans can harm the computer system and network, whereas Spyware and Adware can save personal information such as names, addresses, contact numbers and card details. This can affect the user as this is used for fraud.
These threats are the easiest to get and cannot be detected by a non-technical user, without any anti-virus protection software.
Anti- virus protection software detects threats and most of times removes them. However sometimes the threats cannot or are not removed with the software.
Impacts of potential threats
Worm: theses impact on the computer system and the internet network by making everything slow. This happens by taking up a lot of space on the hard drive which the operating system is on. Worms are can be removed simply by installing a well known anti-virus software.
Spam: these impact on the computer system, by installing and storing harmful software and files onto the hard drive. This is not detected by anti-virus software and has to recognised manually.
Trojan: theses impact on the internet network by using your server to gather personal details like worm, however more is affected by a Trojan as they can be broken down into small things, such as proxy, FTP, DoS, or remote access Trojans.
Spyware: these mainly affect the user as they try finding out personal details such as credit cards, names, contact numbers and addresses. This is then used as fraud or a scam.
Adware: these are very similar to Spyware, and mainly affects the user. Adware normally finds out the user’s name, age, gender, email addresses, passwords, pc configuration and users web history. From this can find out more information and use this towards fraud and scamming.
Legal responsibilities It is the employer's responsibility to protect data in the organisation, by relying and trusting their employees and staff.
Without putting the business at risk the employer would need to employee trained and trustworthy staff.
However it is important that the employer ensures that the work environment and his employees are safe and are following the health and safety procedures.
For a business to success the employer will need to take responsibility to lead the team.
Legislation to protect IT systems and data (data protection act)
Computer systems and data can be protected by an act that was but together by the government which is called the ‘Data Protection Act’.
This is mainly used by business, organisations and the government.
They secure their data by using computerised systems to ensure that the data is kept safe and secure, without no transfers of anyone outside of the UK without adequate protection.
There are also stronger legal protection to protect people in the business for information such as ethnic, religion, criminal record, health, sexual health and politic thoughts.
