Encryption software
Encryption software can be used to encrypt the contents of a hard disk drive. This keeps data secure and requires the user to enter a password or PIN to retrieve it. However, this is only as reliable as the person with the password.
Public key cryptography is a method used to encrypt email before it is sent. A public key, known to everyone, is used to encrypt the data. This can only be decrypted with a private key known only to the user you send the email to.
The SSL (Secure Sockets Layer)Standard security technology for establishing an encrypted link between a server and client e.g Outlook protocol is used for securing web transactions using encryption between web browser and a web server, protecting you from anybody that might be snooping on the network in the middle.
When a browser requests a secure web page, the server sends a public key with a digital certificateA small digital file used to prove ownership of a public key issued by a third party, which can then be used to authenticate (check the credentials of) the web server.
Passwords and levels of access
To access a network, users are often required to have a username and password. This method of access control works by storing an encrypted table of usernames, passwords and associated access rightsThese are the permissions given to a user to access facilities on a computer. on the server.
When a user logs on, their credentials are checked against the table and access is granted with appropriate permissions (access rights) or is denied.
Secure passwords
A weak password makes it easy for someone to try to guess your login details. A strong password will have a good mix of uppercase and lowercase letters, numbers and special characters.
Levels of access
This means that a network administrator has set each user particular access rights. This will give the user permission to access certain files and folders and to read and/or write data.
The access rights that users may have can be summarised as:
- Read 鈥 Access to read the contents of a file
- Write 鈥 Access to modify and create files
- Execute 鈥 Access to run programs
- No access
For example, there will be different levels of access to a patient's medical file in hospital. The surgery receptionist only needs read access to the contact and address details, but the consultant needs read access to associated files such as x-rays, past appointment notes etc. The receptionist may require write access to the appointment calendar while the consultant will not. However, the consultant needs to have write access to patient medical records.