Maintain data security when using digital technology
Overview
This standard is about protecting data within a digital technology system against unauthorised access that could impact the integrity of that data.
It involves implementing the organisational strategy for cyber security and identifying any threats and risks that may arise, reporting any security issues according to organisational policies. It includes implementing the correct user authentication procedures to access different systems and using and updating unique passwords. It also includes implementing anti-virus protection software and maintaining good backup procedures for data.
This standard is for those who need to maintain data security when using digital technologies to meet their own needs or as part of their duties.
Performance criteria
You must be able to:
Take appropriate security precautions when working online in line with organisational standards
Run specified security software to protect data in digital systems from viruses and malware
Maintain secure access privileges to digital systems by using unique and secure passwords to protect privacy and security, in line with organisational procedures
Follow secure practices when extracting and sharing data in line with organisational guidelines
- Conduct online transactions safely and securely in line with organisational guidelines
Manage the selection strong passwords to keep data secure in line with organisational procedures
Take precautions to protect digital devices against unauthorised access, loss or theft in line with organisational data protection policies
- Identity incoming emails of concern and act in line with organisational standards
- Check the security of websites using approved procedures, before entering personal or organisational data
- Comply with laws, regulations and organisational policies when using data in digital systems
- Report data security breaches promptly and in line with organisational standards
Knowledge and Understanding
You need to know and understand:
- How data can be stored, used and shared
- The risks associated with storing and sharing data
- The main sources of risks to data
- The concept of password strength
- The general principles of keeping data secure
- The hazards that can exist in emails targeting phishing attacks
- The laws, regulations and organisational guidelines governing the security of digital systems and data
- How to report breaches of data security or suspicious activity
- The dangers of computer viruses, and how to minimise risks
- The risks to data security from internal sources
- The risks to privacy when working online
- How to identify secure internet sites
- The risks associated with downloading software