Chapter 8 Data Security and Control

Kinds of things that can go wrong:

Lost data or missing data - data that somehow disappears from your disk.
Stolen data - data copied or retrieved from your disk without your approval.
Inaccurate data - data entered inaccurately or accidentally altered.

Sources of Errors:

Operator Error

Main symptom: "The computer ate my term paper"

1. Exiting a word processor without saving the document you have created or altered. Usually dialog boxes will pop up that ask you whether you want to save your work. You can mistakenly answer no, and the document will be lost.

2. Inadvertently deleting or erasing a file. Some modern operating systems will pop up a window that asks you if you're sure you want to delete "filename" before honoring a deletion request. In a command line operating system, you type delete filename to erase a file. If you are in a subdirectory you no longer need, you type delete *.* to delete all files in that subdirectory. If you think you are in a subdirectory and are instead at the root directory of drive C, typing delete *.* will erase all files on your hard disk. Similarly, you may think you are in disk A (a floppy you no longer need) and type dir *.* and instead you may still be in drive C (the hard disk). Before using this deletion command, you should always use the command
   >dir *.*
which lists all files in your current subdirectory. Then you can decide if these are the files you want to delete.

3. Formatting a floppy disk (or hard disk) that contains data you need. Formatting a disk erases it. If you are formatting a floppy, try to open the disk and see what is in it before formatting unless it is a brand new disk.

4. Overwriting an old file with a new one. You can also erase a file by saving a new file using the same name as the older file. The new file will overwrite the old one, causing its data to be lost. The operating system will ask you if you want to replace the current file with the new one.
DOS did not do this; it just overwrote the old file.

5. Another operator error which causes inaccurate data is just typing in the wrong data. Many people have the title "data entry operator", which means they sit at a keyboard all day and type in data. Newer direct source input devices (scanners, bar-code readers) are available that collect the data from a document or source without the need for retyping. Of course, the data on the document could also be incorrect.

Power and equipment failures

Many ways to lose power: Turning the computer power switch off by accident or removing the power cord from its outlet (I can verify that if you drop a book off your desk and it hits your power cord where it meets the wall, you will lose power). Of course, you can experience a power outage by more conventional means - an electrical storm causing a power outage, or a power brownout due to heavier than normal electrical use.

When you lose power, you will lose all changes you have made to documents that are currently open - documents that are in RAM. That is why you should save your work to a hard disk every ten minutes or so. Sometimes you get a power reduction for a brief instant, but that can be enough to cause your computer to reboot, erasing what is in RAM. You can also lose data on your hard disk if you are in the middle of writing to it when the power failure occurs.

Other power problems: power spikes or surges. A power spike is an increase in power that lasts a very short time. A power surge is a longer lasting increase. Both can damage your computer - ruin memory chips or other motherboard components. These can be caused by electrical storms, so it is a good idea to turn your computer off. You can get voltage regulators or uninterruptible power supplies (UPS) to keep your power at a steady level. You plug your computer into a UPS which is connected to a wall outlet. Many companies use them.
For your home computer, you can get an inexpensive surge protector to plug your computer, monitor, and printer into.

Sometimes an application program fails while you are in the middle of working with it. Again you will need to reboot and will lose all data in RAM. This is a common problem when you are writing programs. You can have an error in your program which hangs your computer up - causing you to reboot and lose the program you were working on.

Hardware Failures:

Most computer components are fairly reliable and last longer than you will need to use them. However, disks will not last forever. Each disk has a mean time to failure, which is the average number of hours before failure. But of course, nothing is guaranteed - an average means some are better and some are worse. Usually a component will fail within the first couple of weeks if there is a problem. If that doesn't happen, it generally will not fail until it passes the number of hours you can expect it to last. After a few years on a disk, it could fail at any time. Your only protection is to back up critical files on floppies or on a tape or removable disks.

Losses due to Vandalism

Most common problems are computer viruses, which replicate (copy) themselves from one file to another in your computer and also spread to other computers. They are usually attached to .EXE (executable) files. When you run these programs, they can erase data on your hard disk. You get a virus by downloading a program file from another computer (through a network) or when you copy a program from a floppy disk into your computer.

Viruses attach themselves to .EXE files because these are the files your computer runs. If the "infected" file is not run frequently, it will not cause much damage. If the "infected" file is a program that runs whenever you boot your computer ("boot sector virus"), it can cause much damage. As a virus spreads, it attaches itself to more .EXE files so it is more likely to run.
The infected .EXE files may actually increase in size.

Symptoms of viruses:

1. Computer displays annoying, unexpected messages: "Gotcha", "you're stoned".
2. Unusual visual or sound effects - toilet flushing.
3. You have trouble saving files.
4. Computer seems to slow down.
5. Files are missing or can't be retrieved.
6. Computer reboots in the middle of a task.
7. Executable files increase in size.

Viruses are introduced by computer hackers and they spread through the internet and bulletin boards. Sometimes disgruntled or laid-off workers leave a virus on a computer at work. Some software distributed by software companies has contained viruses. When you install the software, your computer gets the virus.

Kinds of viruses:

Trojan horse - a program that appears to do one thing but is actually doing something else. You may download a program that is supposed to be a calendar program, but it may reformat your disk or erase all files with a particular extension. Sometimes you may see a logon screen on your computer, but it is really a program that is designed to collect user IDs and passwords so that these accounts can be broken into. A Trojan horse is not a virus in the true sense because it does not replicate itself.

Time bomb - a virus that stays in your computer undetected until a certain date. Each computer has a battery-run clock which keeps track of the date. If the program is run and the date is right, the virus will cause damage. Best to keep your computer turned off that day if you think it is infected. Example: the Michelangelo virus, March 6th a couple of years ago.

Worm - a program that is designed to enter a computer system or network through a security hole. It reproduces itself like a virus. Unlike a virus, it does not have to be attached to an executable program to reproduce itself. An internet worm was introduced to the internet mail system. It then mailed itself to other computers in the network, causing it to spread rapidly to 6000 internet host computers.
Your network server must have security systems to prevent worms from entering.

How to protect yourself:

You can run a virus detection program. Virus detection programs look for signatures - unusual collections of bytes - in all the files on your hard drive or on a floppy you are intending to use. Each known virus has its own signature that the program scans for. However, the virus detection program does not know the signature of a new virus.

Other approaches:

Programs that check for changes in file length. If you haven't resaved a file but its length increased, it may harbor a virus.

Anti-virus programs that compute a checksum by combining all the bytes in a file. If the checksum changes but the file has not been resaved, it contains a virus.

What steps to take if you have a virus:

Notify your network administrator if you are connected to a network. Run a disinfectant program that cleans up infected files. You may have to erase infected files and reinstall them. If the virus persists, you may need to save your data files (probably not infected) and then reformat your hard drive and start again to get rid of all infected .EXE files. Reinstall all program files from original disks or clean (not infected) backups. Copy all data files back to your disk. Also check all floppies and backup storage for the virus and disinfect them.

Data Security and Risk Management

Data security - collection of techniques that provide protection for data.

Risk management - process of weighing threats to computer data against the amount of data that is expendable and the cost of protecting data.

1. Determine likely threats to data.
2. Assess the amount of data that is expendable. What could be reconstructed if it were lost? What would be lost forever?
3. Determine the cost of protecting all data versus the cost of protecting some of it - time for backups, expense of backups.
4. Select the protective measures that are affordable, effective against the likely threats, and easy to implement.
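The file-length and checksum checks described under "How to protect yourself" above can be sketched as follows. This is an added example, not code from the original notes: it uses SHA-256 as the checksum, treats an unchanged modification time as "not resaved", and all file names and contents are constructed for the demonstration.

```python
import hashlib
import os
import tempfile

def snapshot(root):
    """Map each file under root to (size, mtime in ns, SHA-256 hex digest)."""
    table = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            st = os.stat(path)
            table[os.path.relpath(path, root)] = (st.st_size, st.st_mtime_ns, digest)
    return table

def compare(old, new):
    """Sort baseline files into missing / resaved / suspicious."""
    report = {"missing": [], "resaved": [], "suspicious": []}
    for rel, (size, mtime, digest) in sorted(old.items()):
        if rel not in new:
            report["missing"].append(rel)
        elif new[rel][2] != digest:
            # Checksum changed: a new date means a normal save; the same date
            # means the contents changed although the file was never resaved.
            kind = "resaved" if new[rel][1] != mtime else "suspicious"
            report[kind].append((rel, new[rel][0] - size))  # (file, growth in bytes)
    return report

def write(root, name, data, mtime):
    """Demo helper: write bytes and pin the file's timestamp (constructed data)."""
    path = os.path.join(root, name)
    with open(path, "wb") as fh:
        fh.write(data)
    os.utime(path, (mtime, mtime))

def demo():
    """Constructed scenario: one normal edit, one silent growth, one deletion."""
    with tempfile.TemporaryDirectory() as root:
        write(root, "GAME.EXE", b"MZ" + b"\x00" * 100, 1_000_000_000)
        write(root, "REPORT.TXT", b"term paper draft 1", 1_000_000_000)
        write(root, "NOTES.TXT", b"class notes", 1_000_000_000)
        before = snapshot(root)
        write(root, "REPORT.TXT", b"term paper draft 2, longer", 1_000_000_600)
        write(root, "GAME.EXE", b"MZ" + b"\x00" * 100 + b"X" * 40, 1_000_000_000)
        os.remove(os.path.join(root, "NOTES.TXT"))
        return compare(before, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

Because any program can set a file's date, the timestamp is only a hint; for program files that should never change, a changed checksum is worth investigating whatever the date says.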
Techniques for practicing data security:

1. Establish policies.
Policies are rules and regulations that specify how the system should be used. They stipulate who can access data and the rules that must be followed to minimize the risk of losing data.
Examples:
• Employee desktop computers may be used for work-related tasks. Employees are prohibited from using the computers to play games or for personal financial management.
• Employees must not install any software that has not been approved by the information systems dept.
• The company owns all data on its computers. Employees must not copy data on company computers for their own purposes.
• The company reserves the right to read employee eMail if there is reason to believe an employee is sending data illegally via eMail.

2. Follow procedures.
Procedures are a list of recommended steps to be followed by employees in working with their computers to reduce the chance of losing data because of operator error.
Examples:
• Save your files frequently as you work.
• Do a full backup of your hard disk weekly.
• When you format a disk, always view a directory of its contents first to make sure it is the one you want to format.
• Use virus detection software to scan any software you have downloaded before you install it on your hard drive or run it for the first time.

3. Use audit controls.
Audit controls monitor the efficiency and accuracy of a computer system. They also track employee activities and machine operations to determine whether company procedures are being followed.
Examples:
• Keep a log of the time and date of each log in.
• Track the time and date each file is opened or modified and the user ID of the person accessing it.
• Compare input data from invoices and receipts to file data.

4. Restrict access to the data.
• Instruct users to be careful about selection of passwords and security of passwords to prevent unauthorized users from gaining access.
• The system administrator should assign user rights or access rights that limit the directories and files each user may access based on the user's needs. Different users may have different rights for a particular directory. If a hacker happens to break in by guessing a user's password, the hacker is restricted as to what he can do based on that user's rights.
Examples:
Erase rights - can erase files
Write rights - can read/write files
Read rights - can read files only, can't modify
File Find rights - can only list files in a directory

Trap door - a special set of instructions that allows a system developer to bypass the normal security precautions to enter a system. It should be removed after the system is completed.

5. Encrypt data.
Encrypt or encode company confidential data being transmitted over the internet so that anyone who intercepts it without authorization cannot interpret it.

6. Restrict physical access to the company computers.
• Make sure that people who don't belong can't come in and use or damage the computers.
• Lock up all floppies that contain data.
• Place data backups in a locked vault so they can't be damaged by fire.

7. Provide redundancy.
Extra computers and equipment so that employees can still do their work if their computer is out for repair.

8. Install and use virus detection software.
• Keep your virus detection software up-to-date - latest versions will detect newer viruses that may not be detected by older versions.
• Check files for viruses and disinfect them before you back them up.
• Download software only from sources that are virus free. Scan software after you download it.
• Don't install any pirated software.

9. Make backups.
Make frequent backups. Disinfect before you back up. Store your backup in a safe place, away from the computer (2 reasons: possible stray magnetic fields from the computer could change data; if the computer is damaged by flood or stolen and the backup is next to it, you could lose the backup too).
Test your backup to make sure you can restore your computer drive from it.

Equipment for backup
• floppy disks - for individual files or classroom work. Not viable for backing up a large hard drive - too many floppies needed.
• tape drives or removable drives - a tape drive is the easiest way to back up large volumes of data. Removable disks or zip drives are also available. These hold less data than tape.

Software
• copy utility - part of the OS - used for copying individual files or directories from hard disk to floppies.
• copydisk utility - can copy an entire floppy to another floppy.
• backup software - manages hard disk backup to tape or removable disks. DOS 6.0 came with backup software, but generally you need to purchase it. If you buy a tape drive for backup purposes, it will come with backup software.

Types of backup

Full backup - backup of the entire contents of a hard disk. Done periodically - every week or so. Too time consuming to do every day.

Differential backup - copy of all files that have changed since the last full backup. Do every day. To restore your drive, you need the last full backup and the most recent differential backup.

Incremental backup - copy of all files that have changed since the last backup (either full or incremental). To restore your drive, you need the last full backup and all the incremental backups since the last full backup.

Elliot Koffman, Professor
CIS Department
Temple University
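The restore rules under "Types of backup" above, worked through for one week as an added example (not part of the original notes). The file names and the pattern of daily changes are constructed; a file's "version" is simply the day it was last modified.

```python
def version(name, day, changes):
    """Day on which `name` was last modified, as of the end of `day` (0 = never)."""
    return max((d for d in range(1, day + 1) if name in changes[d]), default=0)

def run_schedule(strategy, all_files, changes):
    """Full backup on day 0, then one `strategy` backup at the end of each later day.
    changes[d] is the set of files modified during day d."""
    if strategy not in ("differential", "incremental"):
        raise ValueError(strategy)
    backups = [(0, "full", {name: 0 for name in all_files})]
    for day in range(1, len(changes)):
        # differential: changed since the full backup; incremental: since the previous backup
        first = 1 if strategy == "differential" else day
        changed = set().union(*(changes[d] for d in range(first, day + 1)))
        backups.append((day, strategy, {n: version(n, day, changes) for n in changed}))
    return backups

def restore_set(backups):
    """Backups that must be read to rebuild the disk as of the latest backup."""
    start = max(i for i, b in enumerate(backups) if b[1] == "full")
    later = backups[start + 1:]
    if later and later[-1][1] == "differential":
        later = later[-1:]  # the newest differential holds every change since the full
    return [backups[start]] + later

def restore(needed):
    """Replay the needed backups oldest first; later copies overwrite earlier ones."""
    disk = {}
    for _day, _kind, files in needed:
        disk.update(files)
    return disk

# Constructed sample week: file names and change pattern are made up for illustration.
FILES = {"REPORT.DOC", "BUDGET.XLS", "LETTER.DOC", "GAME.EXE"}
CHANGES = [set(), {"REPORT.DOC"}, {"BUDGET.XLS"}, {"REPORT.DOC", "LETTER.DOC"}, {"BUDGET.XLS"}]

def summarize(strategy):
    """Return (file copies made after the full backup, backups read on restore, restored disk)."""
    backups = run_schedule(strategy, FILES, CHANGES)
    needed = restore_set(backups)
    copies = sum(len(files) for _d, kind, files in backups if kind != "full")
    return copies, len(needed), restore(needed)

if __name__ == "__main__":
    for s in ("differential", "incremental"):
        print(s, summarize(s))
```

Both strategies restore the same disk; the differential schedule copies more files each day but needs only two backups to restore, while the incremental schedule copies fewer files but needs every backup in the chain to be readable.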