Understanding Data Protection and Malware

Dec 13, 2024

Geotech: Chapter 5 - Cambridge AS/Level E-Security

Key Topics Covered

  • Definition of personal data
  • Importance of keeping personal data confidential
  • Methods to maintain confidentiality of personal data
  • Unauthorized methods of gathering personal data
  • Evaluation of data prevention methods
  • Types and uses of malware
  • Consequences of malware for organizations and individuals
  • Preventing malware from entering computers

Personal Data

  • Definition: Information that relates to an identifiable living human being.
  • Can be used to identify someone even if de-identified or encrypted.
  • Deidentification: Removing identifiable details; data can be re-identified with remaining data.
  • Sise Data: Replacing personal data with temporary IDs.

General Data Protection Regulation (GDPR)

  • Governs data protection in EU.
  • Promotes anonymization of data.
  • Personal data includes names, addresses, emails, ID numbers, IP addresses, etc.

Keeping Personal Data Confidential

  • Reasons: Prevent identity theft and fraud.
  • Risks: Identity theft, unauthorized transactions.
  • Methods: Encryption, confidentiality agreements, limited access, network security.

Methods to Prevent Data Misuse

  • Firewalls: Prevent unauthorized network access.
  • Penetration Testing: Ethical hacking to identify vulnerabilities.
  • Authentication Techniques: User IDs, passwords, smart cards, biometrics.
  • Multiple Factor Authentication: More than one method for accessing data.

Network Policies

  • Rules determining access to computer networks and data.
  • Software Updates: Critical for security; eliminate vulnerabilities.

Gathering Methods by Unauthorized Persons

  • Pharming: Redirecting users to fake websites.
  • Phishing: Obtaining data via deceptive emails.
  • Smishing: Similar to phishing but via SMS.
  • Vishing: Phishing via phone calls.

Malware Overview

  • Definition: Malicious software intended to cause harm.
  • Includes viruses, worms, spyware, adware, rootkits, ransomware.

Types of Malware

  • Virus: Spreads between computers, alters operations.
  • Trojan Horse: Disguises as legitimate software.
  • Worms: Exploit security holes; replicate across networks.
  • Spyware: Gathers user information without knowledge.
  • Adware: Automatically generates ads, can slow systems.
  • Rootkit: Hides within system, offers remote access.
  • Malicious Bot: Performs automated tasks, collects data.
  • Ransomware: Holds data hostage for payment.

Consequences of Malware

  • For Organizations: Financial loss, data breaches, operational disruptions.
  • For Individuals: Identity theft, privacy violations.

Prevention Strategies

  • Antivirus Software: Regular scanning and updates.
  • Firewalls: Filter and monitor network traffic.
  • Education: Train employees on security measures.
  • Regular Software Updates: Eliminate security vulnerabilities.
  • Strong Passwords & Authentication: Reduce unauthorized access.

Final Notes

  • Personal vigilance and updated security measures are crucial.
  • Use reputable software for antivirus and internet browsing.
  • Regularly review and update security protocols.
  • Always log off from computers after use.