a) Major precautions to be taken into account in the process of sharing data and information.
1. Logical access control to the system and data files
This refers to controlling those who have access to terminal of a computer from gaining access to the data of software.
Logical access can be achieved through the use of passwords and software controls. They ensure that:
i) Data stored in the database files is not corrupted by unauthorised users or lost.
ii) Unauthorised access of data is restricted thus maintaining data confidentiality and integrity
iii) Data which is transmitted through the networks is not stolen during transmission by unauthorised persons. This can be achieved through data encryption.
2. Physical access controls
These are controls which prevent unauthorised people from getting near the computer equipment or the storage media. They ensure that they system is protected against sabotage or access by unauthorised users. They can be achieved through:
i) Use of mechanical devices such as lock and keys to protect the system.
ii) Use of closed circuit cameras to identify unauthorised users.
iii) Use of electronic identification devices for users such as the card swipe systems.
iv) Location of the computer room to limit access to computer systems.
3. Safe data transmission techniques
These are techniques which ensure that data being transmitted via a network cannot be accessed by unauthorised users. They include:
i) Data encryption: – This is a method of data transmission whereby data is transmitted in a coded or encrypted form and for the recipient to be able to read it must be decoded.
ii) Parity checks: – These are controls that check the transfer of data as it is being transferred from one system to another by use of a parity bit added to each byte.
4. File identification checks
This precaution is especially important in the client/server architecture method of data processing. It ensures that correct files have been loaded for processing and that correct labels are sued. This enhances the reliability of data.
5. Data transmission controls
These are controls on data which is being transmitted via a network link. They include:
i) Sampling of files and tracing them back to the original source documents.
ii) Establishing terminal check schedule for transmission.
iii) If transmission is batch oriented, the serial number of programs in each batch must be examined.
iv) Use of data encryption and protocols.
6. Administrative controls
This include division of responsibilities, physical checks, environmental screening, sociological influences of information technology system, selection of personnel back up facilities etc.