Data Security

Data must be kept save and secure from loss or damage when being stored or transmitted by computing devices. 

Keeping the data safe means preventing it from being accidentally lost or damaged.

Keeping the data secure means preventing unauthorised users from accessing the data.

Data can be kept safe by:

• Saving work regularly
• Never working on the only copy of the work
• Shutting down the computer properly
• Storing storage media such as CDs and other removable media carefully

Data can be kept secure by:

• Physically protecting the data
• Encrypting the data
• Using passwords to control access to the data

Many organisations use backups and secure storage methods to safeguard their data by using passwords for access and by encrypting stored or transmitted data.

The proper use of backups can also help to keep data safe and secure.

All files and folders have access rights and permissions to control who can read, edit and save the file.

Organisations can control which files people are allowed to look at by setting different access permissions to the file.

Files and folders can be protected by setting the access rights to read-only so that the files cannot be altered.

Individual documents can have passwords set so that only authorised staff can open the file to read and/or edit the contents.

Passwords can be set on whole documents or parts of the document only. 

For example, in spreadsheets an office worker may be allowed to enter data about prices but not be allowed to change the formulas.

Physical security can be:

• Using security guards to protect the physical goods in supermarkets
• Posting guards at the doors of offices where the computers are used or at the doors of rooms where the data is stored on the computer servers
• Locking the doors and only giving keys to staff who are allowed to enter the area
• Having electronic security locks that need a code to open
• Using RFID tags in staff badges to keep out unauthorised people
• Not having the computer systems on the ground floor with windowa that can be broken to gain access
• Facing computer screens away from windows, doors and walkways to stop people seeing what is being displayed
• Having bars or strengthened glass on windows and doors
• Having strong doors.

Badges with RFID tags can be used to control where staff are allowed to access. 

Changing the data on the RFID tag will allow staff access to different areas.

Encryption software uses an encryption code or key to scramble (encrypt) the contents of the data files.

The proper code is needed to unscramble the file (decrypt it) so it can be read and used.

The data is meaningless is the encrypted file is accessed by anyone without the proper code.

Data can be scrambled using encryption software when it is stored or transmitted between computes over networks.

Digital signatures are used to check that a website or a message is authentic and are an example of encryption in use.

Message written - encryption key used to scramble message - scrambled message sent - the encrypted message is received - same encryption key is used to unscramble message - message can be read.

Data should be encrypted before being transmitted when customers buy goods or use services online.

Everyone should check that the website uses encryption when entering personal details.

A secure website will show a small padlock and will use https instead of http in the URL to show that it is using encryption.