It is essential that all information must be protected against unauthorised access, theft and physical damage. Access to data should only be allowed to members of staff with authority, there might also be certain levels of security so that particular members of staff can only access certain data. Therefore all data in A2Z Travel.org is kept in a secure locked office, with limited access. Backups of data are also kept on secure location off site for security reasons.
Data protection act – The main objectives of the act are to make sure that any personal data stored in any computer related to a member of staff is accurate, used for only the purpose registered, kept up to date, and only available to those who are entitled to use the data. Any member of staff may ask for a copy of the data held in their record. It is a legal requirement to meet with the data protection act in any organisation, staff are also made aware of this and are given a copy of the companies data protection policy when they are recruited.
CCTV – A2Z Travel.org is a 24-hour coach service and therefore all gates are kept opened for drivers to enter and emerge, and so the need for CCTV is essential. CCTV is also used within the office; this can help to audit users activities on p.c’s. For instance if there was a problem experienced and it could not be confined to a particular member of staff the CCTV system could be used to view who was using the system at a particular time.
There is CCTV placed in several places such as inside and outside the office and in the coach yard where the coached are parked. Equipment security – In order to minimise the loss or damage the equipment within the company is protected from security threats and environmental hazards. Regular backup copies of data are taken on a daily basis, which is done by Charles Stewart (Backup Assistant).
Master software and backup data diskettes are kept in locked cabinets when not in use and they are also stored in a different location. It is vital for master copies to be kept elsewhere as data that is corrupted or destroyed in case of fire or theft, which will result in losing weeks/months of work, cannot always be replaced. Any computer is at risk from damage or theft. Theft is becoming more and more common amongst companies and organisations. To avoid losing thousands of pounds on buying more equipment to replace the ones that have been damaged or stolen, A2Z Travel international have insured all their equipment in the company. This insurance cover will compensate for the repair or replacement of the equipment and software. The use of security ties and lock help to protect the companies’ hardware, this is necessary as a number of drivers are continuously entering and emerging from the office.
Security tags are also used on all of the hardware so that the equipment is identifiable in the event of theft or loss. All of the equipment is also registered with the manufacturer so that they are identifiable from the serial number. To further improve security the use of metal casings and security locks on devices such as printers to prevent any other member of staff apart from the technician from changing consumables etc, this helps maintain equipment as members of staff without I.T knowledge may damage the equipment when attempting to change consumables etc.
Viruses – A large risk faced by A2Z Travel.org is the possibility of downloading or receiving harmful viruses. There are a number of ways in which it is possible to contract a virus including the use of floppy disks, downloading data from the Internet or email. To reduce these risks it is the role of the I.T security manager to have an up to date anti virus software subscription. Even more important is the task of regularly updating this software as new viruses are regularly generated. Another security step taken by the organisation is to implement firewalls on all of the P.Cs used within the company. This helps to protect data and filter out any harmful files.
The role of the technician includes updating all of this software and carrying out regular checks on all of the computers. Another precaution taken by the company involves completing regular windows updates on all machines used within the company. This keeps all Microsoft software up to date so that there is less risk of contracting any viruses or experiencing any problems with any software.
Technical Security – This considers the security requirements, which are related to the technology within A2Z Travel.org in particular IT networks, systems and equipment. Topics that are involved include: Hacking – This is an act to penetrate computer systems to gain knowledge about the system and how it works. A hacker is someone who is interested in computer programming and things that are related to the technical side of a computer. The damage a hacker can do is change a password so legitimate users are denied access, can smuggle another program onto the P.C, can steal credit numbers to obtain goods and services and can crash a system. A2Z Travel.org uses up to data virus protection and Microsoft firewall applications to prevent any unauthorised access to the system.