Security and Ethics

Security & Ethics - SSS 3 (Updated)

Class: SSS Three Topic: Data Security & Ethics


Definition of Data Security

Data security is all about keeping our digital information safe. It is the practice of protecting data from being damaged, lost, or accessed by people who are not allowed to see it. Think of it like putting a strong lock on a valuable item to prevent theft or damage.


Sources of Security Breaches (Threats)

A security breach happens when data is accessed, copied, stolen, or damaged without permission. Common sources of security breaches include:

  1. Malicious Software (Malware): These are harmful programs designed to damage or gain unauthorized access to computer systems. Some malicious software include:
    • Virus: A computer virus is like a biological virus; it attaches itself to other programs or files. It needs a human action (like running an infected program) to spread from one computer to another, leaving infections as it travels.
    • Worms: Unlike viruses, worms can spread by themselves from computer to computer without any human help. They often use network features to travel quickly and infect many systems.
    • Trojan Horse: A deceptive program that looks like a harmless or useful application but hides harmful code. It does not replicate itself, but it can be very destructive. Trojans can also create "backdoors" (hidden ways in) for malicious users to access your system, potentially stealing confidential information.
    • Ransomware: Malware that blocks access to a computer system or encrypts the files on it until the victim pays a sum of money (a ransom) to the attacker.
    • Spyware/Adware: Software that secretly monitors the user’s activity (Spyware) or forces unwanted advertisements onto the screen (Adware).
  2. Poor Network Implementation: This refers to weak setup or management of computer networks, such as using easily guessed passwords, not encrypting data, or having open network ports. This makes it easy for unauthorized individuals to gain access.
  3. Poor or Lacking ICT Policies: When there are no clear rules or guidelines (ICT policies) for how people should use computers and handle data, or if these rules are not properly enforced, it can lead to security weaknesses.
  4. Carelessness / Human Error: Many security breaches happen because of human mistakes, like:
    • Giving out personal and vital information (passwords, bank details) on the internet without careful checking.
    • Falling for phishing scams (tricking people into giving out information).
    • Not logging out of accounts or leaving devices unlocked.
    • Falling for Social Engineering, which is the psychological manipulation of people into giving up confidential information or granting access to systems.
  5. Malicious Actors: These are individuals or groups who intentionally try to breach security. They include:
    • Hackers: People who gain unauthorized access to computer systems, often for malicious purposes like stealing data or causing damage.
    • Spammers: People who send large amounts of unsolicited (unwanted) messages, often for advertising or scams.
    • Scammers: People who use deceptive tactics (like fake promises or threats) to trick others into giving them money or personal information.

Preventive Measures for Data Security

To protect data and computer systems from breaches, we can take several important steps:

  1. Use Antivirus Software: Install and regularly update powerful antivirus software (e.g., Norton, McAfee, Avast, Kaspersky) to detect, prevent, and remove malicious programs.
  2. Use a Firewall: A firewall is like a security guard for your computer or network. It's a software utility or hardware device that controls what data is allowed to enter or leave your system, blocking unauthorized access.
  3. Exercise Care with Personal Information: Be very cautious about giving out vital and personal information (like your full name, address, phone number, or financial details) online. Always verify who you are sharing it with.
  4. Implement Proper Network Policies: Ensure that computer networks are set up securely with strong passwords, regular security updates, and clear rules for users on data access and usage.
  5. Be Careful with Email Attachments and Links: Never open email attachments or click on links from unknown senders, as they are common ways for viruses and malware to spread.
  6. Use Strong, Unique Passwords: Create complex passwords that combine letters (uppercase and lowercase), numbers, and symbols, and use a different password for each important account.
  7. Regular Data Backup: Regularly copy your important files to another location (like an external hard drive or cloud storage) so you don't lose them if your main computer is damaged or infected.
  8. Use Two-Factor Authentication (2FA/MFA): This critical step requires a second piece of evidence (like a code sent to your phone) besides your password to log in. This prevents access even if your password is stolen.
  9. Apply Encryption: Use technology that converts data into a code, especially when sending sensitive data or using chat applications, to prevent unauthorized viewing.
  10. Perform Regular Software Updates: Always install operating system and application updates (called patches) immediately, as these frequently fix security vulnerabilities that hackers can exploit.

Ethics in Computing

Ethics refers to a set of moral principles that guide the behavior of an individual or a group, helping them decide what is right or wrong.

Definition of Computer Ethics

Computer ethics is a set of moral principles that specifically regulate how people should use computers and the internet responsibly and respectfully. It guides us to use technology in a way that is fair, safe, and beneficial for everyone, preventing misuse and harm.

Common Ethical Issues in Computing

Here are some important ethical considerations and dilemmas that arise from the use of computers and the internet:

  1. Privacy: This involves respecting the personal information of individuals.
    • It is unethical to access someone's private files, messages, or accounts without their permission.
    • Sharing someone's personal data (like photos, addresses, or phone numbers) online without their consent is a serious breach of privacy.
    • Ethical discussions also involve how companies collect and use your data for advertising or other purposes.
  2. Intellectual Property and Plagiarism: This is about respecting the creative work of others.
    • It is unethical to copy and paste someone's written work, images, music, or videos from the internet and present them as your own without giving credit (this is called plagiarism).
    • While software piracy (illegal copying of software) is a legal issue, it is also unethical because it deprives creators of their rightful earnings.
  3. Accuracy and Reliability: This relates to the trustworthiness of information and computer systems.
    • It is unethical to intentionally spread false information (misinformation or disinformation) online.
    • Programmers and data handlers have an ethical responsibility to ensure that the data they process and the software they create produce accurate and reliable results.
  4. Accessibility and the Digital Divide: This involves ensuring fair access to technology.
    • An ethical concern is the "digital divide," where some people have easy access to computers and the internet while others do not.
    • Efforts to make technology accessible to people with disabilities (e.g., screen readers for the visually impaired) are driven by ethical considerations.
  5. Artificial Intelligence (AI) and Algorithmic Bias: This involves the ethics of automated decision-making.
    • It is unethical if an AI system is built or trained on biased data, causing it to make unfair or discriminatory decisions (e.g., in hiring, lending, or criminal justice).
    • Developers have an ethical duty to ensure AI systems are transparent and treat all people fairly.
  6. Digital Footprint and Online Reputation: Everything you do online leaves a digital footprint – a record of your activities.
    • Ethically, you should be mindful of what you post online, as it can be permanent and affect your reputation (and that of others) in the future.
    • It is unethical to post hurtful, embarrassing, or inappropriate content about yourself or others.
  7. Cyberbullying and Netiquette: This focuses on respectful online behavior.
    • It is unethical to use computers or the internet to harass, threaten, or insult others (cyberbullying).
    • Practicing good netiquette (internet etiquette) means being polite, respectful, and thoughtful in all your online communications.
  8. Responsible Use of Resources:
    • Using school or public computer resources for unauthorized activities (like playing excessive games during class time, or downloading huge non-academic files) is unethical as it wastes resources and can slow down the network for others.

Legal Issues

Legal issues in computing refer to the laws and rules related to the use and misuse of Information and Communication Technology (ICT) and its various applications. Breaking these laws can lead to serious penalties.

Some common legal issues include:

  1. Intellectual Property (IP) Rights: Intellectual property refers to creations of the mind, such as inventions, literary and artistic works, designs, symbols, names, and images used in commerce.
    • These rights give creators exclusive legal control over their creations for a certain period, preventing others from using them without permission.
    • Examples of IP rights include copyrights (for books, music, software), patents (for inventions), and trademarks (for brands and logos).
  2. Piracy: This is the illegal copying, distribution, or use of software, movies, music, or other digital content without the permission of the copyright owner. It is a serious crime that harms creators and businesses.
  3. Data Protection and Privacy Laws (The Nigeria Data Protection Act):
    • These laws protect individuals' personal information (like names, addresses, health records) stored on computers and online.
    • The Nigeria Data Protection Act (NDPA) 2023 is the main law that ensures organizations handle personal data responsibly, securely, and only with the permission of the owner (the Data Subject).
    • It also guarantees rights like the Right to be Forgotten (the right to request your personal data be deleted).
  4. Cybercrime: This is a broad term for any criminal activity that involves a computer or network.
    • It includes activities like hacking, online fraud, identity theft, cyberbullying, and distributing malware.
    • Identity Theft is a serious crime where a criminal steals and uses another person's identifying information (e.g., bank details, SSN) for their own personal gain.
  5. Online Defamation: This happens when someone publishes false statements about another person online (e.g., on social media or forums) that harm their reputation. This can lead to legal action.

Test Your Knowledge! πŸ€”

Answer these quick questions to check your understanding of Data Security, Ethics, and Legal Issues.

1. Which type of malicious software blocks access to a computer system or encrypts data until a payment is made?
Click here to show answer

Correct Answer: C

Explanation: Ransomware is designed specifically to hold data hostage by encrypting it, demanding a ransom for the decryption key.

2. The security measure that requires a user to provide a second piece of evidence (like a code sent to their phone) in addition to their password is known as:
Click here to show answer

Correct Answer: B

Explanation: Two-Factor Authentication (2FA) adds a layer of security by requiring two different methods of verification (e.g., password + physical token/code).

3. A hacker manipulating a user into willingly giving up their password by pretending to be a bank official is an example of what type of threat?
Click here to show answer

Correct Answer: B

Explanation: **Social Engineering** involves tricking people into revealing information or granting access; phishing is a common technique used for this.

4. The main law in Nigeria responsible for protecting personal information and regulating how organizations handle data is the:
Click here to show answer

Correct Answer: C

Explanation: The Nigeria Data Protection Act (NDPA) 2023 is the specific legal framework established to govern the processing and protection of personal data in Nigeria.

5. In computer ethics, what is Algorithmic Bias?
Click here to show answer

Correct Answer: C

Explanation: **Algorithmic Bias** occurs when biases in the data used to train an AI lead to unfair or discriminatory results.

6. The permanent record of all your activities and posts on the internet is referred to as your:
Click here to show answer

Correct Answer: C

Explanation: Your **Digital Footprint** is the trail of data you leave behind from all your online activity, which is often permanent and searchable.

Comments

  1. This is wonderful! May you never be stranded. You really helped me with this. Thanks a lot

    ReplyDelete
    Replies
    1. Angel πŸ’–πŸ’œπŸ’š1 April 2025 at 14:08

      Amen

      Delete
  2. Thanks this really helped

    ReplyDelete
  3. This work is very nice,, kudos

    ReplyDelete
  4. God bless you always
    You have the right note always, other site are just giving us semi note.thiß really help

    ReplyDelete

Post a Comment

Popular posts from this blog

90 Objective Examination Questions in Major Subjects

Complete Computer Studies/ICT Curriculum for JSS 1 to SSS 3

JSS 3 Objective Questions and Answers in Computer studies