There are five critical planning areas for data security:
1) Development and implementation of security safeguards, such as passwords
2) Determination of appropriate policies and standards to protect data against unauthorized disclosure, alteration or destruction
3) Inclusion of security precautions at the development stage of new automated systems, rather than after the systems are in use
4) Review of state laws related to security
There are several data protection techniques: these will not individually (or even collectively) guarantee security, but at least they make a good start.
Internal controls are controls that are planned as part of the computer system. One example is a transaction log. This is a file of all accesses or attempted accesses to certain data.
Passwords :
A password is a secret word or number, or a combination of the two, that must be typed on the keyboard to gain access to a computer system. Good data protection systems change passwords often and also compartmentalize information by passwords, so that only authorized persons can have access to certain data. Cracking passwords is the most prevalent method of illicit entry to computer systems.
Secured Waste :
Discarded printouts, printer ribbons, and the like can be sources of information to unauthorized persons. This kind of waste can be made secure by the use of shredders or locked trash barrels.
Auditor Checks :
Most companies have auditors and in the course of their duties, auditors frequently review computer programs and data. From a data security standpoint, auditors might also check to see who has accessed data during periods when that data is not usually used. They are also on the lookout for unusual numbers of corrected data entries, usually a trouble sign.
Separation of Employee Functions :
By limiting employee duties so that doubling up on job functions is not permitted, a computer organization can restrict the amount of unauthorized access. That is, in an installation where the computers (mainframes or minis) are behind locked doors, only operators have physical access to them. Unfortunately, separation of functions is not practical in a small shop; usually one or more employees perform multiple functions. And, of course, separation of functions does not apply in a personal computer environment.
Built-In-Software Protection :
Software can be built into operating systems in ways that restrict access to the computer system. One form of software protection system matches a user number against a number assigned to the data being accessed. If a person does not get access, it is recorded that he or she tried to tap into some area to which he or she was not authorized. Another form of software protection is a user profile, which records the data to which a user has legitimate access. The profile also includes each person's job function, budget number, skills, areas of knowledge, access privileges, supervisor, and loss-causing potential. These profiles are available for checking by managers if there is any problem.
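The following is an added example, not part of the original text, that ties together the transaction log, the auditor's off-hours check, and the user-number match described above. The user numbers, data set names, business hours and denial threshold are all constructed assumptions.

```python
from collections import Counter
from datetime import datetime

# Constructed sample data: each data set lists the user numbers assigned to it.
DATA_ACL = {"payroll": {1001, 1002}, "inventory": {1001, 1003}}
BUSINESS_HOURS = range(8, 18)  # assumption: data is normally used 08:00-17:59

transaction_log = []  # every access or attempted access is recorded here


def access(user_no, dataset, when):
    """Match the user number against the numbers assigned to the data.

    The attempt is written to the transaction log whether or not it succeeds,
    so denied attempts leave a record. Unknown data sets are denied.
    """
    granted = user_no in DATA_ACL.get(dataset, set())
    transaction_log.append(
        {"time": when, "user": user_no, "data": dataset, "granted": granted}
    )
    return granted


def audit(log, max_denied=2):
    """Auditor check over the transaction log.

    Returns (off_hours, repeat_denied): granted accesses outside business
    hours, and user numbers with at least max_denied refused attempts.
    """
    off_hours = [
        e for e in log if e["granted"] and e["time"].hour not in BUSINESS_HOURS
    ]
    denied = Counter(e["user"] for e in log if not e["granted"])
    repeat_denied = sorted(u for u, n in denied.items() if n >= max_denied)
    return off_hours, repeat_denied


def demo():
    """Replay four constructed events and return the audit findings."""
    transaction_log.clear()
    access(1001, "payroll", datetime(2024, 3, 4, 10, 15))  # normal use
    access(1003, "payroll", datetime(2024, 3, 4, 11, 0))   # not assigned: denied
    access(1003, "payroll", datetime(2024, 3, 4, 11, 1))   # denied again
    access(1002, "payroll", datetime(2024, 3, 5, 2, 30))   # granted, but at 02:30
    return audit(transaction_log)


if __name__ == "__main__":
    off_hours, repeat_denied = demo()
    print("Off-hours accesses:", off_hours)
    print("Users with repeated denied attempts:", repeat_denied)
```

A valid user number is not enough to pass the audit: user 1002 is authorized for payroll, yet the 02:30 access is still flagged for review.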

