Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)
Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

3.2 Making your information less vulnerable

This section is part of the amber and green pathways.

There are some simple steps to make your information less vulnerable to attack in the future.

User accounts and passwords help secure data so that it can only be seen and used by authenticated users. Without a user account and password, an attacker is forced to use much more time-consuming techniques to break into the machine, greatly increasing their risk of being caught.

If you haven’t already done so, it is time to configure your computer and mobile devices so that they require a login or passcode when you switch them on and that they lock when left for a certain period. This will prevent anyone tampering with them or impersonating you on social media if you leave them unattended.

Don’t forget to change the default password on your router as well – and keep a note of the password. A network firewall installed on a router and a personal firewall on the computer itself will stop hackers from getting into your computer. Likewise, up to date antivirus software can stop malware from deleting, encrypting or transmitting your files over the network.

If you have very important files that cannot be shared, then you should consider encrypting documents when they are not actively being edited. VeraCrypt is an example of secure encryption software that can be used to secure any files containing confidential data (see

User accounts

All modern operating systems allow for different user accounts to be created with different levels of access. These range from a guest who can only perform a small number of tasks and cannot change any important settings, through to an administrator who can install new applications, see any data on the computer and make major changes to settings. In between, are user accounts that have limited access and do not usually allow users to install new software – helping to prevent malware infections.

Even if you are the only user on a computer it can make sense to use a user account for day to day purposes, only using the administrator account as and when new software needs to be installed or the operating system is updated. Never use an administrative account for surfing the web or opening emails.

User accounts can be used to restrict access to files, printers and other resources on a local area network.

File permissions

Every file and folder on your computer has a set of permissions that tell the computer’s operating system what can be done with that file:

  • write permission – the file can be edited
  • read permission – it can be copied
  • execute – the file can be executed as a program (if applicable).

Different users have different sets of permissions – so you may have read and write access to an important document, but you can restrict others to read only (i.e. they cannot edit the file), and deny access entirely to people outside of the group.

Remember, read permission allows a file to be copied and to be read. An attacker can still then use copy and paste to copy important information from a document, or to make a copy of the original and to edit that instead.

Disabling ports

Almost all modern computers come with one or more USB ports through which data can be stolen using flash memory drives, a plug-in hard disk or smart phone or media player. It may be necessary to disable these ports for security reasons.

Data Loss Prevention (DLP) software can temporarily disable the USB ports, or monitor or restrict the copying of files to USB devices.


The easiest way to steal a large amount of data is to simply steal the computer or the database server itself. Most computers and some external devices have sockets into which a lock, usually attached to a flexible metal chain that is secured to a wall or a desk, can be attached. Also check that a locked computer prevents a thief from opening the computer and simply unplugging data drives and removing them. Any networked storage devices should be in a locked room or a locked cage secured to a wall or floor.

Obviously, if you are working in a shared environment, locking doors and windows is an obvious deterrent to attackers, as is challenging unknown individuals who might be wandering around.

In the next section, you’ll create a personal recovery plan.


Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371