Friday 5 October 2012

The Work Environment

  • Organizations can increase employee effectiveness by paying attention to health concerns in today's work environment.
  • One of the most common forms of IT-worker-related injury is repetitive strain injury (RSI).
  • Repetitive strain injury is an injury caused by working incorrectly for a prolonged period of time.
  • To protect employees against work-related injuries, it is essential to look into ergonomics.
  • Ergonomics is the study of designing and positioning computer equipment for employee health and safety.

Privacy Issues

  • Another important issue for information systems is privacy.
  • The issue of privacy is important because data on an individual can be collected, stored and used without the person's knowledge or consent.
  • The right to privacy at work is also an important issue.
  • Recently, companies that have been monitoring their employees have raised concerns.
  • These computer systems directly tie in with the workstations.
  • Email also raises some interesting issues about work privacy.
  • Federal law permits employers to monitor email sent and received by employees.

Backup information

In computing, backup storage is storage intended as a copy of the storage that is actively in use, so that if the storage medium (such as a hard disk) fails and the data on it is lost, the data can be recovered from the copy.

Types of Backup

  • Full backup
    • A full backup is a backup of every file on a file system whether that file has changed or not.
  • Incremental backup
    • Incremental backups back up only the changed data: only the data that has changed since the last backup, be it a full or an incremental backup.
    • So if you do an incremental backup on Tuesday you only back up the data that changed since the incremental backup on Monday.
  • Differential backup
    • A differential backup backs up only the files that changed since the last full backup.
    • For example, on Monday you back up only the files that changed since Sunday, on Tuesday you back up only the files that changed since Sunday, and so on until the next full backup.
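
The three strategies side by side, as an added example that is not part of the original notes: it shows which files each strategy copies per day and which backup sets a restore depends on. The file names, the change schedule and the function names are constructed for illustration.

```python
# Constructed sample data: files modified on each day. Sunday is the full
# backup, as in the example above; file names are hypothetical.
CHANGES = {
    "Sun": {"a.doc", "b.xls", "c.db"},
    "Mon": {"a.doc"},
    "Tue": {"b.xls"},
    "Wed": {"a.doc", "c.db"},
}
DAYS = list(CHANGES)
ALL_FILES = set().union(*CHANGES.values())

def plan(strategy):
    """Return {day: files copied that day}; the first day is always a full backup."""
    copied, since_full = {}, set()
    for i, day in enumerate(DAYS):
        if i == 0 or strategy == "full":
            copied[day] = set(ALL_FILES)
        elif strategy == "incremental":
            copied[day] = set(CHANGES[day])   # changed since the last backup of any kind
        elif strategy == "differential":
            since_full |= CHANGES[day]        # changed since the last full backup
            copied[day] = set(since_full)
        else:
            raise ValueError(f"unknown strategy: {strategy}")
    return copied

def restore_chain(strategy, day):
    """Backup sets that must all be readable to restore the state as of `day`."""
    idx = DAYS.index(day)
    if strategy == "full" or idx == 0:
        return [day]
    if strategy == "differential":
        return [DAYS[0], day]
    return DAYS[: idx + 1]                    # incremental: full plus every increment

def restorable(strategy, day, lost):
    """False if any backup set in the chain is in `lost` (damaged or missing media)."""
    return not set(restore_chain(strategy, day)) & set(lost)

if __name__ == "__main__":
    for s in ("full", "incremental", "differential"):
        total = sum(len(files) for files in plan(s).values())
        print(s, "copies", total, "files; Wed restore needs", restore_chain(s, "Wed"),
              "; survives losing Tue:", restorable(s, "Wed", {"Tue"}))
```

Incremental backups copy the least data but a restore needs every set since the full backup, so one unreadable set breaks the chain; a differential restore needs only the full backup and the latest differential.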

Contingency Planning

  • Some risks cannot be reduced
  • Plan for risk occurrence
  • Contingency planning is a systematic approach to identifying what can go wrong in a situation.
  • Benefits:
    • Minimize loss
    • Prevent panic

Protecting Information

  1. Apply Risk Management Techniques
    • Risk is a potential danger to an asset or something valuable, such as a computer system, that may arise from some present process or future event.
    • Risk management is a systematic process of making a realistic evaluation of the true level of risks to your business.
    • Before risks can be properly managed they need to be identified - you can begin with these questions.
      • What can go wrong?
      • What can we do to prevent it?
      • What do we do if it happens?
  2. Prepare Disaster Recovery Plan
  3. Use Backup

Preventing computer related crime

  • Cryptography: how does it work?
    • A key is a variable value that is used by cryptographic algorithms to produce encrypted text or to decrypt encrypted text.
    • The length of the key reflects how difficult it is to decrypt the encrypted message.
  • Cryptography first appeared in closed commercial and financial networks and in military systems.
  • We can send and receive secure e-mail and connect to secure websites to purchase goods or obtain services.
  • Problem: how do we implement them in this global open network, the Internet?
  • What level of encryption is sufficient to provide safe and trusted services on the Net?
  • The Public Key Infrastructure enables users of an unsecured public network such as the internet to securely and privately exchange data through the use of a public and private cryptographic key pair that is obtained through a trusted authority.
  • A digital signature is basically a way to ensure that an electronic document (e-mail, spreadsheet, text file) is authentic.
    • This is NOT a scanned signature!
    • Authentic means that you know who created the document and you know that it has not been altered in any way since that person created it.
    • A number of between 128 and 256 bits (a message digest) is generated from the message through a hash algorithm. This generated number is then encrypted with the sender's private key and added to the end of the message.
    • When the recipient receives the message, they run the message through the same hash algorithm and generate their own number. They then decrypt the signature using the sender's public key and, provided the two numbers match, they know the message is from who it claims to be from and that it has not been modified.
  • Use anti-virus software to ensure that malicious programs such as worms and viruses do not damage or destroy vital information.
  • Anti-virus programs or utilities prevent viruses and recover the computer from them if the computer is infected.
  • Intrusion detection software monitors the system and network resources and notifies of any unauthorized access.
  • The following are protocols that will help protect systems against hackers:
    1. Install strong user authentication and encryption capabilities
    2. Install the latest security patches
    3. Disable guest accounts and null user accounts
    4. Do not provide easy log in procedures for remote users.
    5. Give an application its own server
    6. Restrict physical access to the server
    7. Turn audit trails on
    8. Consider installing caller ID
    9. Install a corporate Firewall
    10. Install anti-virus software
    11. Conduct regular IS security audits
    12. Verify and exercise frequent data backups for critical data.
    13. Have a contingency plan in place.

Attacks