iGCSE Computer Science - Distance Learning

Tutor Marked Assignment 6
Tutor Marked Assignment 8 (Programming)

Methods of Protecting Data

A network which is connected to the Internet is vulnerable to attack using some of the methods that we saw in the previous lesson. There are a number of ways which we can keep our networks safer and more secure and the ways in which we do this also depend on the type of computer system that we are using. A home network or individual (stand-alone) computer system will require less security than a large business network, although it is still important to have some basic security measures in place.

Passwords

password

It’s likely that you already have some of the most basic network security set up on your own systems. Setting up strong passwords to ensure that only the authorised user can access accounts is an important part of network security. Often , you will find that you are forced to change these on a regular basis. This ensures that if your password has been accessed by someone else it is not vulnerable forever.

Cracking vs Hacking

Before looking into some of the other methods of protecting data it’s important to be aware of the difference between hacking and cracking when we talk about malicious attempts to access our data. The term cracking means to find out or calculate the password for a user account on a network. Cracking a password may be a simple as using a brute force attack when many different passwords are attempted until the right one is discovered. This brute force attack may happen by a human manually entering someone’s password until the right one works, or more often by using software which will attempt thousands of different regularly used passwords.

Hacking requires both the cracking of the password to access the network and then a malicious attempt to access and manipulate the data in the system. Hacking will generally mean that the network is breached and then data is either changed or possibly malware is installed in the system.

Lesson Activity

Watch the video below about cracking a user’s password and write down the ways in which we can prevent people from cracking our passwords by following specific rules. You may want to create some visual notes in the form of a poster and look at the passwords that you use yourself and whether you need to change them!

In the video, this cartoon is referred to. Although the exam requires you to identify strong passwords as the first example, why is the final example actually much better? (don’t forget to use the first example in your exam answers!)

Anti-Malware

firewall

You may also find that some of the software used to protect the network is also on your computer. Anti-malware software such as firewalls, antivirus, and antispyware also used and protecting network as well as protecting your own computer. Network firewall works in the same way as the firewall on your own system, preventing unauthorised access from outside the network from entering.

Network Policies

network policy

One of the most basic forms of protecting a network is by setting network policies. In its most basic form, a network policy is a rule about what can and cannot be performed on a device connected to a network. In a home network, this may be a rule which is set on the software of the router. Newer smart routers often contain this software allowing parental controls to be set. On a large business network these rules would be set up on the proxy server. The proxy server acts like a gateway for data going in and out of the network and ensuring that the data meets the corporate policies (that is the rules set by the management of the company). It’s quite likely that you have come across a proxy server if you have ever found that an internet site, video, or image has been blocked on your network.

User Access Levels

user

Another simple way to ensure the network is protected is to set up user access levels. User access levels allow the network manager to assign different users different permissions to areas of the network. Often, these are done in different groups and we refer to them as virtual networks. This means that when a user logs onto any machine in the network their access level is applied automatically and they will only be able to see and edit the data that they are authorised to access.

Penetration Testing

hacker

In some networks, more involved tasks are performed on a regular basis to protect the data and hardware in the networks from different forms of attack and security risks. One example of these tasks is penetration testing. When penetration testing is undertaken an expert in data security is often brought in to test for vulnerabilities in the network. Sometimes we refer to this as white hat hacking (this simply means that the person undertaking the testing has knowledge of how to hack into a system, but is using it to help prevent the vulnerabilities instead of exploiting them).

Revision Activity

Download and complete the visual notes below. Remember to add colour to the key terms and your own notes in the spaces provided.