Unit 2 data security

PREVIEW

Task 1. Work in groups. Discuss what problems with data security you can face using your computer. What about offices and companies? Make a list of answers. Compare your list with those of other students.

READING

Task 2. Study active vocabulary.

data security	безопасность данных
unauthorized	неразрешенный, неавторизованный
force majeure	форс-мажор, чрезвычайные обстоятельства
emphasis	акцентирование, особое внимание
measure	мера
to back up	создавать резервную копию
incremental backup	инкрементное резервное копирование
differential backup	разностное резервное копирование
to implement	выполнять
to encrypt	шифровать
verification	установление подлинности
biometric	биометрический
uninterruptible	непрерывный
to foil trespass	предотвратить несанкционированный доступ
sensitive position	должность, связанная с работой с секретными материалами
to rotate	чередовать
ribbons	зд. обрезки, клочки бумаги
printout	распечатка
to dispose of	избавляться от
to shrink	уменьшаться
to swipe	разг. присвоить, украсть
to lock up	запереть на замок
to elaborate	тщательно разрабатывать
power supply	источник электропитания
surge protector	сетевой фильтр
to protect (against)	защищать (от)
fire extinguisher	огнетушитель
off-site storage	внешнее хранение (программ, данных)

Task 3. Read and translate the text. Find the answers to the questions.

1. What is data security?

2. What kinds of data backup do you know? Comment upon each of them.

3. Which steps can be taken for network control?

4. How can people protect computers against viruses?

5. What are the methods of protecting data from people inside the organization?

6. What are security methods used in situations caused by force majeure and natural disasters?

Ways of protecting data

In simple terms, data security is the practice of keeping data protected from corruption, unauthorized access, force majeure, and so on. The focus behind data security is to ensure privacy while protecting personal or corporate data. Lately there has been a huge emphasis on data security, mostly because of the Internet. There are a variety of security measures that can be used to protect hardware and software including:

1. Backing up data and programs. A backup program is a program that stores a copy of data on a storage device to keep it safe. There are different kinds of backup, including:

a. Incremental backup which copies all the selected files that have been created or changed since the last full, differential or incremental backup;

b. Differential backup which copies all the files created or modified since the last full backup;

с. Full backup which copies all the selected files on a system, whether or not they have been edited or backed up before.

2. Implementing network controls such as:

a. Using passwords for your accounts;

b. Installing a firewall;

с. Encrypting data;

d. Using signature verification or biometric security devices.

3. Protecting against viruses by using antivirus programs and ensuring that all software is free of viruses before it is installed. An anti-virus program is a program that checks files for virus coding instructions inside another program and can be used for removing any virus coding instructions detected.

Protecting data from electronic invaders is one thing – but how to protect your data from people inside the organization?

4. Controlling physical access to hardware and software.

a. Using passwords is an old means that still works for limiting access. If you share a computer or are in the habit of leaving it on while you go to lunch, someone can foil trespass by making entry into the program.

b. Screening. Personnel who use computers must be carefully screened – just as they would be for any sensitive position within the company.

c. Separating and rotating the computing functions carried out by employees and carrying out periodic audits of the system i.e. observing and recording events on the network systematically.

5. Taking care of waste. Waste – from used printer ribbons to printout – should be routinely shredded or otherwise disposed of safely. If it isn’t done routinely, the day you forget to do it will be the day proprietary secrets land in the wrong basket.

As computers become more popular, so does computer crime. And now that laptop computers have shrunk in size, swiping a computer has become even easier. Laptops have been stolen from people like the chairman of Compaq Computer Corporation, Ben Rosen, and even from General Norman Schwarzkopf! The real danger for many corporations is not so much the loss of the equipment, as annoying as that is, but the loss of valuable – perhaps irreplaceable – information. Thieves can earn $ 10 000 per laptop if it belongs to the correct corporate or government official. Of course, companies have ways of protecting themselves from such crime. Methods range from the computer equivalent of locking a bicycle up with a chain, to elaborate procedures to ensure a stolen laptop cannot be connected to the corporate database.

Not only people but also situations of force majeure can cause problems. Security measures in such situations include:

6. Protecting against natural disasters by installing uninterruptible power supplies and surge protectors.

7. Protecting against fire. Large computer centers are generally protected by smoke detectors and fire extinguishers; they often use commercial off-site storage for backup records – especially copies of sensitive data and customized software. Off-site storage of backup records can save you grief hours of trying to reconstruct lost files.

Task 4. Are these statements true, false, or not mentioned in the text? Correct the false statements.

1. Data security helps to protect data.

2. Incremental backup copies all the files created or modified since the last full backup.

3. Using backup is more difficult than implementing network control.

4. Signature verification is a formal act that confirms the correctness of a signature.

5. Anti-virus programs can remove detected virus coding instructions.

6. Controlling physical access to hardware and software is the most important method of data protecting.

7. Using passwords helps to protect data and can foil trespass if you share a computer or are in the habit of leaving it on while you go to lunch.

8. Wastes not taken care of can betray your secrets one day.

Task 5. Give the Russian equivalents to the following words and phrases from the text. Choose five of them and make up sentences of your own. Read your sentences aloud for other students to translate.

Keeping data protected, unauthorized access, to ensure privacy while protecting data, encrypting data, signature verification, biometric security devices, protecting against viruses, to limit access, to foil trespass, to carry out periodic audits of the system, to take care of waste, to dispose of ribbons and printout, to shrunk in size, loss of valuable information, to elaborate procedures, uninterruptible power supplies, to protect by smoke detectors and fire extinguishers, off-site storage of backup records.

Task 6. Match the words and word-combinations on the left with the definitions on the right.

antivirus programs	electronic devices that protect equipment from damage due to a sudden surge in a power supply
backing up	computer programs or sets of programs used to detect, identify and remove viruses from a computer system
password	a secret code used to control access to a network system
firewall	appliances that measure some aspect of a living being e.g. a fingerprint reader or an eye scanner
encrypting data	protecting data by putting it in a form only authorised users can understand
biometric security devices	storing a copy of files on a storage device to keep them safe
power supplies	battery backup systems that automatically provide power to a computer when the normal electricity source fails
surge protectors	a combination of hardware and software used to control the data going into and out of a network. It is used to prevent unauthorized access to the network by hackers

Task 7. Translate the sentences into English using active vocabulary.

1. Предотвращение несанкционированного доступа к компьютеру – одно из важнейших направлений защиты информации.

2. Использование пароля и шифрование информации позволяют обеспечивать сохранность данных.

3. Установление подлинности подписи и использование биометрического устройства защиты являются современными методами защиты от незаконного доступа к компьютеру.

4. Лаборатория Касперского производит программное обеспечение, защищающее от вирусов.

5. Необходимо избежать потери ценной информации.

6. Источник бесперебойного питания и сетевой фильтр помогут защитить ваш компьютер от перепадов напряжения.

7. Мы защищаем наш компьютерный центр от пожара при помощи детекторов дыма и огнетушителей.

8. Внешнее хранение резервных копий документов является важным правилом для системного администратора.

PROBLEM SOLVING

Task 8. Work in groups.

A. Try to guess what these types of computer crime are.

1. Theft of information contained in electronic form

2. E-mail bombing

3. Data diddling

4. Salami attack

5. Denial of Service attack

6. Virus attack

7. Logic bomb

8. Trojan attack

9. Internet time theft

10. Web jacking

B. Match the types of crime with their descriptions.

1. Altering raw data just before a computer processes it and then changing it back after the processing is completed.

2. Gaining access and control over the web site of another person. A hacker may even mutilate or change the information on the site. This may be done for fulfilling political objectives or for money.

3. Flooding the computer of the victim with more requests than it can handle which cause it to crash.

4. Sending large numbers of mail to the victim, which may be an individual or a company or even mail servers thereby ultimately resulting into crashing.

5. Adding an unauthorized program, which passively gains control over one’s system by representing itself as an authorised program. It appears to do something useful but actually does something destructive in the background. The most common form of installing it is through e-mail.

6. Is normally prevalent in the financial institutions or for the purpose of committing financial crimes. An important feature of this type of offence is that the alteration is so small that it would normally go unnoticed.

7. Using up the paid Internet surfing hours of the victim. This is done by gaining access to the login ID and the password.

8. Distributing programs that can reproduce themselves and affect data on a computer, either by altering or deleting it.

9. Distributing event dependent programs created to do some damage only when a certain event (known as a trigger event) occurs.

10. Stealing information stored in computer hard disks, removable storage media, etc. It may be done either by appropriating the data physically or by tampering them through the virtual medium.

C. Discuss the results in the class. What other types of computer crime do you know? Suggest some measures to protect your computer from different types of crime.

SPEAKING

Task 9. Role play

Work in pairs.

Student A is the victim of a computer crime. He/she describes these problems to a computer systems support person.

Student B is the computer systems support person trying to identify the problem and explain how to avoid them in the future.

Present your role play in the class.