ICT2 - Information: Management and Manipulation
Primary and Secondary Storage
Primary storage is the RAM (volatile i.e. is cleared when the computer is turned off)
Secondary storage are media like disks, tapes, CDs, microfilm etc. Because these media are non-volatile, they are suitable for holding data and programs.
File Processing Concepts
Files - on secondary storage, data is stored as files. A file is defined as a collection of records.
Sequential Processing - where each record of the file is read, even though only one record may need to be processed.
Random Processing - Each record in the file has its own address, which can either be read from its unique key or held in a separate index, so that the record can be directly accessed. This makes processing quicker.
Many files need to be processed sequentially on some occasions but randomly on others.
Floppy and Zip Disks
A standard 3.5 floppy disk is a thin, plastic disk coated in metal oxide, enclosed in a rigid plastic case. High-density floppy disks have a capacity of 1.44MB. The write-protect tab can be closed to stop the disk being over-written. Zip disks are larger and thicker than a floppy disk. They have a higher capacity (100 or 200MB). They have to have their own drive. Disks contain two sides that contain 80 circles called tracks. Each track is divided into sectors. The sectors are not present until the disk is formatted. See the diagram in Heathcote p.141.
Hard Disks
Usually contain one or more disk platters sealed inside a casing. Capacity has increased, with disks of 20GB now common. In a mainframe computer, several hard disks will be required.
Magnetic Tape
This is a serial medium, meaning that an individual record can only be found by starting at the beginning of the tape and reading every record in turn. Tape is generally used for backup purposes. The higher the capacity, the more expensive the tape is likely to be.
CD-ROM
Can store about 650MB of data in any form. Transfer speed of data is not as fast as from a hard disk but speed is increasing all the time. The disks are read-only, meaning that once written, the disks cannot be overwritten. When first created, a laser beam burns tiny holes into the surface of the disk. These pits represent binary digits and they can be read by a CD drive.
WORM Disks
Write Once, Read Many CD-R disks are usually gold rather than silver. They are widely used for software piracy, although their intended purpose is for backup of legal material and multimedia authoring.
Magneto-Optical Disks
These are read-write disks, which can store up to 1,000MB. They could eventually replace magnetic disks but are currently too slow and unreliable.
Microfiche
COM (Computer Output on Microfilm) devices can prepare microfiche, which is a 6 x 4" film that can be viewed in a microform viewer. The technology is also used to read old cheques or tax returns.
What are the Threats?
There is a threat to privacy because so many organisations hold personal data on individuals. Modern technology has made it much easier for large quantities of data to be held but some organisations do not protect the integrity of their data. IT systems are vulnerable to crime, abuse, natural disasters and human error.
Case Study: (From Wired News)
British intelligence officers have developed a rather worrying tendency of forgetting that they are carrying a computer, leaving a trail littered with lost laptops.
The British Defense Ministry has reported 205 laptops missing since 1997 -- most of which contained classified information. That's an average of 51 lost laptops per year.
Data Integrity
This means the correctness of the data. Data can be of poor quality because of errors on input, errors in operating procedures or because of program errors (bugs)
Standard Clerical Procedures
These are procedures that guard against errors:
Data should only be entered by authorised personnel
Data verification procedures should be in place (e.g. keying in data twice)
Output should be inspected
Write-Protecting Disks
Disks and tapes have write-protect tabs. When the tab is closed, the contents of the disk cannot be altered.
User IDs and Passwords
Passwords can give different access levels
Passwords should be at least 6 characters long
Password display should be suppressed
Files containing passwords should be encrypted
Users much change their passwords regularly
Passwords should not be easily guessed words
Passwords are more secure if they consist of a mixture of upper and lower case, letters and numbers
Access Levels
Typical access rights are read-only, read/write and No Access. Computers can be programmed to allow access only at certain times.
In a hospital, a receptionist would be allowed to make and change appointments but not to see medical records.
Fraudulent Use or Malicious Damage
The main threats are malicious employees and fraudsters. Possible safeguards are:
Vetting potential employees
Immediate removal of sacked employees
Separation of duties
Physical security e.g. locks, ID badges
Passwords
Education and training of staff (e.g. lock doors, log-off computers, challenge strangers)
Software to monitor all terminal activity
Viruses
All purchased software should arrive in sealed packaging.
Employees could be prevented from bringing in floppy disks from home.
Anti-virus software should be installed.
Biometric Security
More secure than passwords. Example of biometric security is fingerprint recognition. See case study of iris recognition at the Nationwide Building Society.
Communications Security
Telecommunications systems are vulnerable to hackers. Protection measures include callback systems. Data encryption can protect sensitive data before transmission.
Practical exercise in encryption: Go to http://www.open2.net/ictportal/ and click on "Have a go at encrypting a word" link.
Disaster Planning
Computer failure can easily ruin a business. 70% of organisations that experience a disaster (fire, flood etc) cease operating within 18 months. However, if a company has an emergency plan, it can get up and running again very quickly. For example, an organisation could subscribe to a disaster recovery service (e.g. one that could offer temporary office space or spare equipment in the event of a disaster). Smaller businesses need at least to have a backup system.
Case Study: Backup Strategy 148-149
Periodic Backup
Problems associated with periodic backups are:
All updates since the last backup are at risk of being lost
The system must be shutdown while backup takes place
Backup tapes are at risk, unless they are stored in a different building
The whole system does not need backing up every time. Data files need to be backed up but program files don't. Incremental backups are quicker - this is where only the files that have changed since the last backup are saved.
Magnetic tape is suitable for large backups but zip drives or CD/R might be more suitable for a small business.
Tapes can hold large quantities of data and they are re-writeable but they are quite expensive and slow
CDR is cheap and quick but can only hold 650MB
ZIP disks can hold 100MB or 200MB. The disks are read/write.
RAID
Redundant Array of Inexpensive Drives
This is a system whereby every transaction is saved onto more than one HDD, so that records are backed up as soon as they are created. One of the disks can be in a remote location.
Factors in a Backup Strategy
Frequency of backup
Backup media
Location of Backup storage
Number of generations to be kept (where there is incremental backup)
Testing of recovery procedures