Operational Procedures for Preventing Misuse of data

OPERATIONAL PROCEDURES FOR PREVENTING MISUSE of DATA

• Screening potential employees

• Routines for distributing updated virus information and virus scanning procedures i.e. establish a virus screening regime. 

  • Ensuring virus signatures are updated daily and distributed around the network when a station logs in.

  • Establish firewalls/proxy-servers.

• Define procedures for downloading from the Internet, use of removable media, personal backup procedures

  • How often are they done, have they got to use special machines etc, encryption of data/memory stick

• Establish security rights for updating web pages e.g. Who/What/When

• Establish a disaster recovery programme - Who does what and when, including checking the standby equipment.  Backup plans, i.e. how often.

  • Needed to minimise disruption caused by hardware failure, software bugs, natural disasters (e.g. floods, fire, earthquakes, hurricanes, etc); deliberate damage (malicious damage by staff, viruses, hacking, vandalism, terrorist bombs etc).

  • Needed to get the systems working again in the shortest possible time

  • Ensure all staff know what to do to recover data, programs etc. e.g. restoring accidentally deleted files

  • What and where are the backups e.g. ancestral system, RAID etc

  • Plan will usually cover

    • Total/Partial loss of computing equipment

    • Loss of essential services such as electricity, heating or air conditioning

    • Loss of certain key employees e.g. losing all qualified network staff in one go due to them choosing to form their own facilities organisation.

    • Loss of maintenance or support services

    • Loss of data or software

    • Complete/Partial loss of telecommunications equipment or services

    • Complete/Partial loss of the premises housing the IT equipment

• Set up auditing procedures (Audit trails) to detect misuse

  • Who/What/When

  • Contiguous investigation of irregularities

  • Query any transaction out of the ordinary

• Logon procedures / Creating User IDs and Passwords / setup user accounts

  • Allocating access rights, etc

  • Change passwords regularly; don't write passwords down; use upper and lower case mix etc.

• Call back procedures for remote access e.g. Who/what/when or why

• Establish procedures for training staff e.g. Who/what/when or why

EXAM TIP

This topic area is all about establishing procedures.  The question is all about the administrative procedures that organisations can put in place to minimise or prevent the threats.  The exam board would expect answers such as updating virus checkers etc NOT running virus checks.  NOT making sure backups are made, kept offsite, in fireproof boxes etc - It is all about planning a backup strategy to avoid future problems.