Module ICL-1013:
Security & Data Ethics (UNIX)
Security and Data Ethics (Cambria) 2024-25
ICL-1013
2024-25
School of Computer Science & Engineering
Module - Semester 1 & 2
20 credits
Module Organiser:
Josh Davies
Overview
Indicative content includes:
Big Data
- Overview of big data: identification, purpose and functionality to an organisation e.g. storage, organising, processing, analysing, data transfer.
- Software and database tools e.g. Apache Hadoop - network of many computers to solve problems involving massive amounts of data and computation power.
Business Operations
- Overview of data utilisation within organisations, keeping data accurate/up-to-date, cleaning of data, Experian, Postcode Address File (PAF).
- Cold calling, mailing lists – business benefits/bad publicity/cross sell and up sell opportunities.
Security Considerations
- Hacking: ethical and malicious hacking. Deliberate, intentional and unintentional deletion/disruption of data flows/storage.
- Weaknesses and vulnerabilities of systems: updates, patches, software bugs/fixes.
- Preventative techniques: Firewalls and security software e.g. IDS, IPS, policies/procedures, codes of conduct, physical security e.g. biometrics, IoT devices.
Ethical and Legal Issues
- Users’ Rights – from a practical “best practise” point of view, international standards including policies and procedures for information security management systems (ISMS) ISO27001 & ISO27002. How do companies deal with other companies’ data and policies/ethics of employees’ devices - BYOD (Bring Your Own Device), forensic examinations?
- Consequences of poor file management, monitoring, user rights and backup options – on site/off site/cloud storage.
- Legislation – Data Protection Act 2018, Computer Misuse Act 1990, Health and Safety at Work Act 1974, Copyright, Designs and Patent Act 1988.
Assessment Strategy
-threshold -Equivalent to 40%.Uses key areas of theory or knowledge to meet the Learning Outcomes of the module. Is able to formulate an appropriate solution to accurately solve tasks and questions. Can identify individual aspects, but lacks an awareness of links between them and the wider contexts. Outputs can be understood, but lack structure and/or coherence.
-good -Equivalent to the range 60%-69%.Is able to analyse a task or problem to decide which aspects of theory and knowledge to apply. Solutions are of a workable quality, demonstrating understanding of underlying principles. Major themes can be linked appropriately but may not be able to extend this to individual aspects. Outputs are readily understood, with an appropriate structure but may lack sophistication.
-excellent -Equivalent to the range 70%+.Assemble critically evaluated, relevant areas of knowledge and theory to constuct professional-level solutions to tasks and questions presented. Is able to cross-link themes and aspects to draw considered conclusions. Presents outputs in a cohesive, accurate, and efficient manner.
Learning Outcomes
- Demonstrate an understanding of legal issues facing organisations.
- Demonstrate knowledge and understanding of how organisations store and use data ethically.
- Describe principal security considerations of storing data.
- Discuss international standards including policies and procedures for information security management systems (ISMS).
Assessment method
Report
Assessment type
Summative
Description
Data theory report Individual written report that includes: The theory of storing data securely and using it ethically, including examples.
Weighting
60%
Assessment method
Individual Presentation
Assessment type
Summative
Description
Individual 20 minute presentation on security methods and legal guidelines that can help secure and protect data.
Weighting
40%