Unit 1 Lo5 issues and security Flashcards
What is Whistle Blowing?
When a member of staff reveals that the organisation they work for is engaging in unlawful practices. This could include breaking privacy laws, threatening staff, or environmental damage.
What is Discrimination?
When an employee is treated unfairly because of a personal or physical characteristic over which they have no control. The Equality Act (2010) ensures equal treatment for all people irrespective of:
- race
- sexuality
- gender
- disability
- marital status
What is the Use of Information?
Laws such as GDPR (General Data Protection Regulation) and specifically the Data Protection Act (2018) ensure that organisations must responsibly process personal data.
What are Codes of Practice?
A set of rules which explains how people working in certain professions are required to behave. Organisations may have a code of practice for:
- Confidentiality
- Quality assurance
- Behaviour
- Equality and discrimination
What is Bias?
This is technically correct, but slanted, information that presents a one-sided view. For example, end-of-year financial data that focuses on profits and ignores significant losses.
security of information operational issues
organisations must ensure that data is stored securely to minimise the chances of data loss, corruption or unauthorised manipulation
disaster and recovery planning operational issues
-all possible risks analysed
-preventative measures taken into analysis
-staff training
-contingency planning
-recovery measures
-replacement hardware
-software reinstalled
organisational polices
creating polices that outline acceptable CVOMPUTER NETWORJK USE
CHAGINING MANAGEMNT
formal approach by organisation lead a change in the way the business or project is run
scale of change
change drivers
companies must stay up to date with times and new technology
change drivers;
new legislation
new competitors
economic
social changes
scale of change
change needs
companies change needs and focus of organisation are alert over time
change needs;
new equipment
customer interaction
workplace shift
phishing
misleading individual into giving up sensitive info through email
hacking
exploiting weaknesses in system or network to create view modify or delete files
trojan
appears useful nut when downloaded gives attacker backdoor to your system where access data
interception
data packets on network intercepted by third party copied edited transferred to different location
eavesdropping
interception in real time private communication traffic such as instant messages or video calls
social engineering
tricking individuals into giving sensitive info e.g. claiming t be in IT department
virus
virus can replicate itself and spread from system to system. once activated virus can modify data or corrupt a system so stops working
physical security
biometrics
require human characteristic like fingerprint iris or voice scan
physical security shredding
cutting up documents into small pieces
physical security RFID AND Tokens
radio frequency identification uses electromagnetic fields to attach tag to physical objects
physical security privacy screens
plastic screens placed over a monitor to obscure the screen
digital security
anti malware
anti virus scans system and remove viruses
anti spyware removes spyware on infected system
digital security
firewall
prevent unauthorised access to or from a network
