Pearson BTEC Level 3 Extended Certificate in Computing
Unit 7: IT Systems Security and Encryption
Learning Aim C/D:
C.M3 Justify the choice of protection techniques
used to defend the IT systems of an organisation,
showing how its IT system will be protected from
security threats.
CD.D2 Evaluate the plan and the effectiveness of the
protected IT system against requirements.
CD.D3 Demonstrate individual responsibility and
effective self-management in the planning and
protection of an IT system.
,M3/D2 Justifying and evaluating
protection techniques
Introduction
In this document I will be looking back over all the different protection techniques used to defend an
IT system and will justify their uses to secure any given organisation. Additionally, I will be evaluating
their uses in a plan - that protects an IT system from security threats - whilst assessing if they are
effective at securing an IT system against requirements.
Physical security
The company uses multiple types of physical security to
protect its IT system, this includes locks on doors, keypad
door locks, biometrics to access lunch money, and CCTV
around the building and surrounding areas. Keys to the
network room and cupboards are kept in a key cabinet,
which is locked with an additional key, with only a limited
number of employees having access to it. Spare keys are
stored elsewhere in the building - once again with very
limited access. Certain rooms also have code locks in
addition to key locks; the codes are frequently changed.
Biometrics are used in the canteen to protect staff bank accounts from being used by others to
spend their lunch money - fingerprints are the chosen method of biometric authentication. Finally,
the building is equipped with CCTV to monitor the site and record any suspicious behaviour - this
includes the server room, making sure that anyone that tries to gain unauthorised physical access to
data can be identified.
Justification: These methods of security are used as they protect the companies IT system from
physical events or actions. Door locks are used as they prevent unauthorised staff from accessing the
network room, whilst limiting the number of keys to the key cabinet minimises the likeliness of
someone - who shouldn’t have access - unlocking it to gain access to data or cause damage to the IT
system (e.g. the servers, routers, switches). Code locks are also used; this is due to them offering
more protection than a key lock, as they are harder to crack and have many thousands of
combinations. Fingerprint recognition is used, as it is an easy method to verify users’ identities and
prevent unauthorised access to employee’s lunch accounts. The scans of people’s fingerprints would
be stored on a database and linked to the staffs account, meaning they would have to match before
money is withdraw. This protects the IT system from ‘lower-value fraud’, i.e. stealing lunch money.
CCTV is located around the whole office site and is used as it deters criminal activity - such as
criminals or staff trying to break into the server room to steal/destroy data or people vandalising IT
equipment (servers, switches, etc). Additionally, cameras are used as they provide peace of mind,
that if someone did try to compromise the system, they could be identified, therefore protecting the
IT system.
Unit 7: IT Systems Security and Encryption
, Evaluation: Overall, physical security is ‘all right’ at protecting an IT system as it provides - in some
cases - only basic protection to an organisations system. Key locks are good at preventing access to
rooms, however they can be forced open leaving the doors vulnerable to people who know how to
crack locks/break the door down. In contrast, code locks and biometric locks/scanners are more
effective at protecting an IT system as they are much harder to override due to their complexity. To
offer the best protection, key locks, code locks and biometric locks should be used in combination
with each other. Having these measured placed on doors are very effective as they only let a small
number of employees have access; therefor limiting the risk of someone gaining unauthorised
access. Finger prints could be manipulated - for example someone making a mould of someone
else’s finger - so they aren’t 100% forge proof, although this method is unlikely due to the software
scanning every small detail. The use of CCTV is very effective as it
allows for constant surveillance and video investigations into IT
system breaches. Nevertheless, it can be circumnavigated if the lens
of the camera is damaged, destroyed or had its wires cut - meaning if
they aren’t regularly maintained, they could be ineffective. Checking
to see if the lenses are smashed or if they have been painted over
would ensure the CCTV cameras are operational and their use
effective.
Rating: 6/10
Policies and procedures
Like most businesses, the company uses a web filter to block
certain sites on the company’s internet connection.
‘BrowseControl’ by Current Ware is used as it makes up a list
of websites that are required to be blocked by compiling
together a list of blocked websites from every other business
using the application. The company’s password police requires
users who have forgotten their password to visit the network
manager - with some form of identification - so the password can be reset. In addition, users are
required to change their password every two-to-three months, whilst their username can be edited
to suit the user’s needs.
Justification: Policies and procedures are used in conjunction with IT system security, as they put
rules in place to defend the system from threats. The web filters are used as they block websites that
may have inappropriate content from being accessed on the
network, whilst they are also used to prevent staff from accessing
sites that may distract them from their work (e.g. social media). They
can also be used to stop downloads from certain sites (e.g. FileHippo
for downloading VPNs). The use of ID cards is integral as it ensures
that people do not pretend to be others, and offers a form of
validation when users try to change their username or password.
Within the company, staff ID cards and driving licences are used by
employees to validate their identity. Changing passwords every
two-to-three months is an active policy as it safeguards and
maintains network security, therefor making it harder to guess
passwords as they are always changing. Finally, allowing users to
customise their login details is actively offered as it means users
Unit 7: IT Systems Security and Encryption
Unit 7: IT Systems Security and Encryption
Learning Aim C/D:
C.M3 Justify the choice of protection techniques
used to defend the IT systems of an organisation,
showing how its IT system will be protected from
security threats.
CD.D2 Evaluate the plan and the effectiveness of the
protected IT system against requirements.
CD.D3 Demonstrate individual responsibility and
effective self-management in the planning and
protection of an IT system.
,M3/D2 Justifying and evaluating
protection techniques
Introduction
In this document I will be looking back over all the different protection techniques used to defend an
IT system and will justify their uses to secure any given organisation. Additionally, I will be evaluating
their uses in a plan - that protects an IT system from security threats - whilst assessing if they are
effective at securing an IT system against requirements.
Physical security
The company uses multiple types of physical security to
protect its IT system, this includes locks on doors, keypad
door locks, biometrics to access lunch money, and CCTV
around the building and surrounding areas. Keys to the
network room and cupboards are kept in a key cabinet,
which is locked with an additional key, with only a limited
number of employees having access to it. Spare keys are
stored elsewhere in the building - once again with very
limited access. Certain rooms also have code locks in
addition to key locks; the codes are frequently changed.
Biometrics are used in the canteen to protect staff bank accounts from being used by others to
spend their lunch money - fingerprints are the chosen method of biometric authentication. Finally,
the building is equipped with CCTV to monitor the site and record any suspicious behaviour - this
includes the server room, making sure that anyone that tries to gain unauthorised physical access to
data can be identified.
Justification: These methods of security are used as they protect the companies IT system from
physical events or actions. Door locks are used as they prevent unauthorised staff from accessing the
network room, whilst limiting the number of keys to the key cabinet minimises the likeliness of
someone - who shouldn’t have access - unlocking it to gain access to data or cause damage to the IT
system (e.g. the servers, routers, switches). Code locks are also used; this is due to them offering
more protection than a key lock, as they are harder to crack and have many thousands of
combinations. Fingerprint recognition is used, as it is an easy method to verify users’ identities and
prevent unauthorised access to employee’s lunch accounts. The scans of people’s fingerprints would
be stored on a database and linked to the staffs account, meaning they would have to match before
money is withdraw. This protects the IT system from ‘lower-value fraud’, i.e. stealing lunch money.
CCTV is located around the whole office site and is used as it deters criminal activity - such as
criminals or staff trying to break into the server room to steal/destroy data or people vandalising IT
equipment (servers, switches, etc). Additionally, cameras are used as they provide peace of mind,
that if someone did try to compromise the system, they could be identified, therefore protecting the
IT system.
Unit 7: IT Systems Security and Encryption
, Evaluation: Overall, physical security is ‘all right’ at protecting an IT system as it provides - in some
cases - only basic protection to an organisations system. Key locks are good at preventing access to
rooms, however they can be forced open leaving the doors vulnerable to people who know how to
crack locks/break the door down. In contrast, code locks and biometric locks/scanners are more
effective at protecting an IT system as they are much harder to override due to their complexity. To
offer the best protection, key locks, code locks and biometric locks should be used in combination
with each other. Having these measured placed on doors are very effective as they only let a small
number of employees have access; therefor limiting the risk of someone gaining unauthorised
access. Finger prints could be manipulated - for example someone making a mould of someone
else’s finger - so they aren’t 100% forge proof, although this method is unlikely due to the software
scanning every small detail. The use of CCTV is very effective as it
allows for constant surveillance and video investigations into IT
system breaches. Nevertheless, it can be circumnavigated if the lens
of the camera is damaged, destroyed or had its wires cut - meaning if
they aren’t regularly maintained, they could be ineffective. Checking
to see if the lenses are smashed or if they have been painted over
would ensure the CCTV cameras are operational and their use
effective.
Rating: 6/10
Policies and procedures
Like most businesses, the company uses a web filter to block
certain sites on the company’s internet connection.
‘BrowseControl’ by Current Ware is used as it makes up a list
of websites that are required to be blocked by compiling
together a list of blocked websites from every other business
using the application. The company’s password police requires
users who have forgotten their password to visit the network
manager - with some form of identification - so the password can be reset. In addition, users are
required to change their password every two-to-three months, whilst their username can be edited
to suit the user’s needs.
Justification: Policies and procedures are used in conjunction with IT system security, as they put
rules in place to defend the system from threats. The web filters are used as they block websites that
may have inappropriate content from being accessed on the
network, whilst they are also used to prevent staff from accessing
sites that may distract them from their work (e.g. social media). They
can also be used to stop downloads from certain sites (e.g. FileHippo
for downloading VPNs). The use of ID cards is integral as it ensures
that people do not pretend to be others, and offers a form of
validation when users try to change their username or password.
Within the company, staff ID cards and driving licences are used by
employees to validate their identity. Changing passwords every
two-to-three months is an active policy as it safeguards and
maintains network security, therefor making it harder to guess
passwords as they are always changing. Finally, allowing users to
customise their login details is actively offered as it means users
Unit 7: IT Systems Security and Encryption
