What is Computer security?
Computer security is safeguarding the computer and the related equipment’s from the risk of damage or fraud.
It is also protection of data and information against accidental or deliberate threats which might cause unauthorised modification, disclosure, or destruction.
A computer system can only be claimed to be secure if precautions are taken to safeguard it against damage or threats such as accidents, errors and omissions.
The security measures to be undertaken by the organization should be able to protect;
1. Computer hardware against damage.
2. Data, information and programs against accidental alteration or deletion.
3. Data and information against hazards.
4. The computer against unauthorised use.
5. Data, information and programs against piracy or unauthorised copying.
6. Data and programs used by the computer system against illegal or unauthorised modification.
7. Storage media, e.g., disks, tapes, etc against accidental destruction.
8. Policies of the organization.
9. Buildings.
10. Accidental interruption of power supply or communication lines.
11. Disclosure of confidential data or information.
12. Ensure that both hardware and software have longer life span.
Environmental threats to computers and Information systems
1). Fire.
Fire destroys data, information, software and hardware.
Security measures against fire;
1. Use fire-proof cabinets and lockable metal boxes for storage media and disks.
2. Use of backups.
3. Install firefighting equipment’s, e.g., fire extinguishers.
4. Have fire detectors in place.
5. Training of fire-fighting officers.
6. Observe safety procedures, e.g., avoid smoking in the computer rooms.
7. Have well placed exit signs.
8. Contingency plans.
2). Water floods and moisture
This causes rusting of the metallic components of the computer.
Security measures against water, floods and moisture;
1. Set up computer rooms on higher grounds to avoid floods and humidity.
2. Avoid installing computer components in the basement.
3. There should be adequate drainage system.
4. Use water-proof ceilings and floors.
3). Lightening, electricity and electrical storms
This causes power failure that can cause damage to data, which has not been transferred to permanent storage deuces.
Security measures:
1. Install facilities to control power fluctuations, e.g., use of uninterrupted power source (UPS)
2. Use power stabilizers.
3. Have standby power generators/sources.
4. Have lightening arrester in the building.
4). Excessive Heat or Temperature
Excessive heat or temperature from the computer itself or from the surrounding environment can destroy computer storage media or devices.
• Accidental deletion of data, information or programs.
• Vandalism, i.e., theft or destruction of data, information or programs and hardware.
• Piracy of copyrighted data and software.
Security measures against employees;
1. Better selection of personnel.
2. Have a good office layout.
3. Improve employee training and education.
4. Limit access to data and computers.
5. Regular backups.
6. Use of Undelete and Unformat utilities.
Security measures against Vandalism;
1. Should have a sensitive attitude to office behaviour.
2. Tighten security measures, e.g., install alarm systems, burglar-proof doors/windows, and roofs).
3. Limit access to sensitive company information.
4. Use Keyboard lock on terminals used by authorised users.
5. Use of disk locks.
6. Punitive measures.
9). Earthquakes.
Causes of Data Loss in Computers
1. Power failure
Momentary interruptions or fluctuations of electrical power may cause;
1) Crashing of computers
2) Loss of data or information that had not been saved before the power disruption.
3) Damage to computer's secondary storage media. This may result to loss of data and Application software stored on the media.
The main cause of power disruptions are;
a) Regular saving of documents
Frequent saving of documents ensures that minimum data is lost in case of any power failure.
Some application packages have an AutoSave feature, which should be activated to automatically save work after a specified time interval.
b) Use of Uninterruptible Power Supply (UPS)
To eliminate any power quality defects or fluctuation, use power correction equipment such as a Stabilizer or Uninterruptible Power Supply (UPS).
The Recycle Bin will restore all selected files to their original folders and disks.
NB: If you delete a file accidentally, don't copy any files or install any applications to the disk that contains the deleted file. If you write anything to the disk, you might destroy parts of the deleted file, making it unrecoverable.
(d) Use of Backups.
All data must be backed up periodically either on disks, tapes or CDs so that in case of any accidental loss, the backed up copy can be used to recover the data.
For small files, use the Copy command to make a copy of the data on a disk.
Computer security is safeguarding the computer and the related equipment’s from the risk of damage or fraud.
It is also protection of data and information against accidental or deliberate threats which might cause unauthorised modification, disclosure, or destruction.
A computer system can only be claimed to be secure if precautions are taken to safeguard it against damage or threats such as accidents, errors and omissions.
The security measures to be undertaken by the organization should be able to protect;
1. Computer hardware against damage.
2. Data, information and programs against accidental alteration or deletion.
3. Data and information against hazards.
4. The computer against unauthorised use.
5. Data, information and programs against piracy or unauthorised copying.
6. Data and programs used by the computer system against illegal or unauthorised modification.
7. Storage media, e.g., disks, tapes, etc against accidental destruction.
8. Policies of the organization.
9. Buildings.
10. Accidental interruption of power supply or communication lines.
11. Disclosure of confidential data or information.
12. Ensure that both hardware and software have longer life span.
Environmental threats to computers and Information systems
1). Fire.
Fire destroys data, information, software and hardware.
Security measures against fire;
1. Use fire-proof cabinets and lockable metal boxes for storage media and disks.
2. Use of backups.
3. Install firefighting equipment’s, e.g., fire extinguishers.
4. Have fire detectors in place.
5. Training of fire-fighting officers.
6. Observe safety procedures, e.g., avoid smoking in the computer rooms.
7. Have well placed exit signs.
8. Contingency plans.
2). Water floods and moisture
This causes rusting of the metallic components of the computer.
Security measures against water, floods and moisture;
1. Set up computer rooms on higher grounds to avoid floods and humidity.
2. Avoid installing computer components in the basement.
3. There should be adequate drainage system.
4. Use water-proof ceilings and floors.
3). Lightening, electricity and electrical storms
This causes power failure that can cause damage to data, which has not been transferred to permanent storage deuces.
Security measures:
1. Install facilities to control power fluctuations, e.g., use of uninterrupted power source (UPS)
2. Use power stabilizers.
3. Have standby power generators/sources.
4. Have lightening arrester in the building.
4). Excessive Heat or Temperature
Excessive heat or temperature from the computer itself or from the surrounding environment can destroy computer storage media or devices.
Security measures;
1. There should be efficient ventilation system.
2. Use a cooling system in the computer rooms, e.g., cooling fans and air conditioners.
5). Computer virus attack.
A virus is a rogue software program that spreads rampantly through computer systems, destroying data or causing the system to break down.
Security measures against computer virus;
1. Make backup copies of software, and store the copies off-site.
2. Restrict access to programs and data on a 'need-to-use' basis.
3. Check all programs regularly for change of size, as this could be a sign of virus infiltration.
4. Make sure all purchased software is in its original sealed-disk containers.
6). Smoke and Dust
Dust and smoke particles settle on storage devices and may scratch them during read/write operation.
Security measures;
1. Have dust mats or carpets to prevent entry of dust.
2. Fit the computer room with special curtains to reduce entry of dust particles.
3. Cover the devices with dust covers when cleaning the room.
7). Terrorist attack
This includes activities such as;
1. Political terrorists
2. Criminal type of activities
3. Individuals with grudges or
4. People intending to cause general destruction.
Security measures;
1. Hiring of security guards to control physical access to the building housing the computers.
2. Activities that can cause terrorism should be avoided, e.g., exploitation of workers.
3. Have double door and monitoring devices.
4. Use of policies.
5. System auditing use of log files.
6. Use of passwords.
7. Punitive measures.
8. Encryption of data.
9. Use of firewalls.
10. Consult and co-operate with the Police and Fire authorities on potential risks.
8). People.
People threats include:
• Carelessness.
1. There should be efficient ventilation system.
2. Use a cooling system in the computer rooms, e.g., cooling fans and air conditioners.
5). Computer virus attack.
A virus is a rogue software program that spreads rampantly through computer systems, destroying data or causing the system to break down.
Security measures against computer virus;
1. Make backup copies of software, and store the copies off-site.
2. Restrict access to programs and data on a 'need-to-use' basis.
3. Check all programs regularly for change of size, as this could be a sign of virus infiltration.
4. Make sure all purchased software is in its original sealed-disk containers.
6). Smoke and Dust
Dust and smoke particles settle on storage devices and may scratch them during read/write operation.
Security measures;
1. Have dust mats or carpets to prevent entry of dust.
2. Fit the computer room with special curtains to reduce entry of dust particles.
3. Cover the devices with dust covers when cleaning the room.
7). Terrorist attack
This includes activities such as;
1. Political terrorists
2. Criminal type of activities
3. Individuals with grudges or
4. People intending to cause general destruction.
Security measures;
1. Hiring of security guards to control physical access to the building housing the computers.
2. Activities that can cause terrorism should be avoided, e.g., exploitation of workers.
3. Have double door and monitoring devices.
4. Use of policies.
5. System auditing use of log files.
6. Use of passwords.
7. Punitive measures.
8. Encryption of data.
9. Use of firewalls.
10. Consult and co-operate with the Police and Fire authorities on potential risks.
8). People.
People threats include:
• Carelessness.
• Accidental deletion of data, information or programs.
• Vandalism, i.e., theft or destruction of data, information or programs and hardware.
• Piracy of copyrighted data and software.
Security measures against employees;
1. Better selection of personnel.
2. Have a good office layout.
3. Improve employee training and education.
4. Limit access to data and computers.
5. Regular backups.
6. Use of Undelete and Unformat utilities.
Security measures against Vandalism;
1. Should have a sensitive attitude to office behaviour.
2. Tighten security measures, e.g., install alarm systems, burglar-proof doors/windows, and roofs).
3. Limit access to sensitive company information.
4. Use Keyboard lock on terminals used by authorised users.
5. Use of disk locks.
6. Punitive measures.
9). Earthquakes.
Causes of Data Loss in Computers
1. Power failure
Momentary interruptions or fluctuations of electrical power may cause;
1) Crashing of computers
2) Loss of data or information that had not been saved before the power disruption.
3) Damage to computer's secondary storage media. This may result to loss of data and Application software stored on the media.
The main cause of power disruptions are;
- Amplitude fluctuations
- Power line noise
- Low voltage sages
- High voltage surges
- Voltage outages
- Voltage spikes
- Waveform distortions
- Power frequency variations
a) Regular saving of documents
Frequent saving of documents ensures that minimum data is lost in case of any power failure.
Some application packages have an AutoSave feature, which should be activated to automatically save work after a specified time interval.
b) Use of Uninterruptible Power Supply (UPS)
To eliminate any power quality defects or fluctuation, use power correction equipment such as a Stabilizer or Uninterruptible Power Supply (UPS).
These equipment’s ensure a steady flow of input power to the computer system.
2. Computer viruses
A computer virus destroys all the data files and programs in the computer memory by interfering with the normal processes of the operating system.
Precautions against computer viruses;
a) Anti-virus software.
Use Antivirus software to detect and remove known viruses from infected files.
2. Computer viruses
A computer virus destroys all the data files and programs in the computer memory by interfering with the normal processes of the operating system.
Precautions against computer viruses;
a) Anti-virus software.
Use Antivirus software to detect and remove known viruses from infected files.
Some of the commonly used Antivirus software are: Avast, Avira, Kaspersky, Norton, AVG, etc.
NB: The best way to prevent virus is to have a memory-resident antivirus software, which will detect the virus before it can affect the system.
NB: The best way to prevent virus is to have a memory-resident antivirus software, which will detect the virus before it can affect the system.
Once in the RAM, the antivirus software will automatically check disks inserted in the drives and warn the user immediately if a disk is found to have a virus.
For an antivirus to be able to detect a virus, it must know its signature. Since virus writers keep writing new viruses with new signatures all the time, it is recommended that you update your antivirus product regularly so as to include the latest virus signatures in the industry.
The Antivirus software installed in your computer should be enabled/activated at all times.
You should also perform virus scans of your disks on a regular basis.
3. Accidental erasure
Commands such as DELETE and FORMAT can be dangerous to the computer if used wrongly.
Both commands wipe out the information stored on the specified secondary storage media,
e.g., formatting the Hard disk (drive C:) will destroy all the software on that system.
Precautions against Accidental erasure;
a) Use of Undelete utilities.
Use the Undelete facilities in case you accidentally delete your files.
Undelete facilities depends on the operating system you are using.
For an antivirus to be able to detect a virus, it must know its signature. Since virus writers keep writing new viruses with new signatures all the time, it is recommended that you update your antivirus product regularly so as to include the latest virus signatures in the industry.
The Antivirus software installed in your computer should be enabled/activated at all times.
You should also perform virus scans of your disks on a regular basis.
3. Accidental erasure
Commands such as DELETE and FORMAT can be dangerous to the computer if used wrongly.
Both commands wipe out the information stored on the specified secondary storage media,
e.g., formatting the Hard disk (drive C:) will destroy all the software on that system.
Precautions against Accidental erasure;
a) Use of Undelete utilities.
Use the Undelete facilities in case you accidentally delete your files.
Undelete facilities depends on the operating system you are using.
The Recycle Bin on Microsoft Windows temporarily stores all deleted files and can be used to recover your files.
To recover from recycle bin;
1. Double-click the Recycle Bin on the desktop.
2. Click on the files you want to undelete.
3. Click on File, choose Restore.
The Recycle Bin will restore all selected files to their original folders and disks.
NB: If you delete a file accidentally, don't copy any files or install any applications to the disk that contains the deleted file. If you write anything to the disk, you might destroy parts of the deleted file, making it unrecoverable.
(d) Use of Backups.
All data must be backed up periodically either on disks, tapes or CDs so that in case of any accidental loss, the backed up copy can be used to recover the data.
For small files, use the Copy command to make a copy of the data on a disk.
4. Crashing of hard disks
When a hard disk crashes, the data or information on the disk cannot be accessed.
When a hard disk crashes, the data or information on the disk cannot be accessed.
The effect is the same as formatting the hard disk.
Crashing of a hard disk can occur due to the following reasons:
i) Mishandling of the computer system, e.g. moving the system unit while the computer is on and accumulation of dust.
Crashing of a hard disk can occur due to the following reasons:
i) Mishandling of the computer system, e.g. moving the system unit while the computer is on and accumulation of dust.
ii) Computer virus attack.
iii) Physical damage to the System unit caused by dropping or banging when being moved.
Precautions against crashing of Hard disks:
a) Use of Backups.
All data must be backed up regularly. In addition, all application programs and operating system software should also be kept safely so that in case of a complete system crash, everything can be re-installed/restored.
b) Use of Recovery tools.
System tools such as Norton Utilities, PC Tools, QAPlus, etc can be used to revive a disk that has crashed.
5. Unauthorised access
Unauthorised access refers to access to data and information without permission.
Computer criminals can do the following harms;
• Steal large amounts of funds belonging to various companies by transferring them out of their computer accounts illegally.
• Steal or destroy data and information from companies, bringing their operations to a standstill.
• Spread destruction from one computer to another using virus programs. This can cripple the entire system of computer networks.
• Spread computer worm programs. Worm programs are less harmful in the beginning, but render the computer almost useless in the long-run.
Precautions against unauthorised access;
a) Restrict physical access.
Physical access to computer systems should be restricted to ensure that no unauthorised person gets access to the system.
Some of the ways of restricting physical access include;
Install a password to restrict access to the computer system.
A Password is a secret code that can be used to prevent unauthorised access of data in a computer.
Passwords can be put in at various levels;
Some computer security systems may generate an alarm if someone tries to use a fake password.
NB: You should never use passwords that can easily be linked to you, e.g., your name, identity card number, mobile number, birth date, or names of people close to you.
iii) Physical damage to the System unit caused by dropping or banging when being moved.
Precautions against crashing of Hard disks:
a) Use of Backups.
All data must be backed up regularly. In addition, all application programs and operating system software should also be kept safely so that in case of a complete system crash, everything can be re-installed/restored.
b) Use of Recovery tools.
System tools such as Norton Utilities, PC Tools, QAPlus, etc can be used to revive a disk that has crashed.
5. Unauthorised access
Unauthorised access refers to access to data and information without permission.
Computer criminals can do the following harms;
• Steal large amounts of funds belonging to various companies by transferring them out of their computer accounts illegally.
• Steal or destroy data and information from companies, bringing their operations to a standstill.
• Spread destruction from one computer to another using virus programs. This can cripple the entire system of computer networks.
• Spread computer worm programs. Worm programs are less harmful in the beginning, but render the computer almost useless in the long-run.
Precautions against unauthorised access;
a) Restrict physical access.
Physical access to computer systems should be restricted to ensure that no unauthorised person gets access to the system.
Some of the ways of restricting physical access include;
- Locking of doors.
- Use of personal identification cards. — Use of fingerprint identification.
- Use of special voice-recorders. They analyse the voice of a trespasser and checks against the database containing the voice patterns of valid users.
Install a password to restrict access to the computer system.
A Password is a secret code that can be used to prevent unauthorised access of data in a computer.
Passwords can be put in at various levels;
- At the point of switching on the computer — to restrict access to the computer.
- On folders/directories — to restrict access to entire folders directories.
- On files to restrict access to individual files within a directory.
- On database systems — to restrict access to individual data elements.
Some computer security systems may generate an alarm if someone tries to use a fake password.
NB: You should never use passwords that can easily be linked to you, e.g., your name, identity card number, mobile number, birth date, or names of people close to you.
