Data Security Consideration
Data Security Consideration
- Data security is protection of programs and data in computers and communication systems against unauthorized access, modification, destruction, disclosure or transfer whether accidental or intentional by building physical arrangements and software checks.
- Data security uses various methods to make sure that the data is correct, original, kept confidentially and is safe. It includes-
- Ensuring the integrity of data.
- Ensuring the privacy of the data.
- Prevent the loss or destruction of data.
- Data security consideration involves the protection of data against unauthorized access, modification, destruction, loss, disclosure or transfer whether accidental or intentional. Some of the important data securities are:
- Archival Storage
- Disposal of Data
Data Security Consideration
- Data backup refers to save additional copies of our data in separate physical or cloud locations from data files in storage securing of the data will help us to prevent from-
- Accidental or malicious damage/modification to data.
- Theft of valuable information.
- Breach of confidentiality agreements and privacy laws.
- Premature release of data which can avoid intellectual properties claims.
- Release before data have been checked for authenticity and accuracy.
- Keeping reliable and regular backups of our data protects against the risk of damage or loss due to power failure, hardware failure, software or media faults, viruses or hacking, or even human errors.
- To use the Backup 3-2-1 Rule is very popular. This rule includes:
- Three copies of our data
- Two different formats, i.e., hard drive+tape backup or DVD (short term)+flash drive
- One off-site backup, i.e., have two physical backups and one in the cloud
- Some important backup options are-
- Hard drives - personal or work computer
- Departmental or institution server
- External hard drives
- Tape backups
- Discipline-specific repositories
- University Archives
- Cloud storage
- Some of the top considerations for implementing secure backup and recovery are-
- Authentication of the users and backup clients to the backup server.
- Role-based access control lists for all backup and recovery operations.
- Data encryption options for both transmission and the storage.
- Flexibility in choosing encryption and authentication algorithms.
- Backup of a remote client to the centralized location behind firewalls.
- Backup and recovery of a client running Security-Enhanced Linux (SELinux).
- Using best practices to write secure software.
- Data archiving is the process of retaining or keeping of data at a secure place for long-term storage.
- Data archival is different from data backup in the sense that data backups created copies of data and used as a data recovery mechanism to restore data in the event when it is corrupted or destroyed.
- Data archives may have many different forms. It can be stored as Online, offline, or cloud storage-
- Online data storage places archive data onto disk systems where it is readily accessible.
- Offline data storage places archive data onto the tape or other removable media using data archiving software.
- Cloud storage is also another possible archive target.
- The following list of our archives:
- Storage medium
- Storage device
- Revisiting old archives
- Data usability
- Selective archiving
- Space considerations
- Online vs. offline storage
- The archived data will be stored for long periods of time, so we must need to choose the type of media that will be lost as long as our retention policy dictates.
- This consideration takes into account about the storage device we are using for our archives which will be accessible in a few years.
Revisiting old archives
- Since we know our archive policies and the storage mechanisms we use for archiving data would change over time. Review our archived data at least once a year to see that if anything needs to be migrated into a different storage medium.
- In this consideration, one major problem in the real world is archived data which is in an obsolete format.
- Sure about what should be archived. That means we will archive only a selective part of data because not all data is equally important.
- If our archives become huge, we must plan for the long-term retention of all our data.
Online vs. offline storage
- Storing of data online keeps the data easily accessible. But keeping data online may be vulnerable to theft, tampering, corruption, etc. Offline storage enables us to store an unlimited amount of data, but it is not readily accessible.
Disposal of Data
- Data destruction or disposal of data is the method of destroying data which is stored on tapes, hard disks and other electronic media so that it is completely unreadable, unusable and inaccessible for unauthorized purposes.
- It avoids the unnecessary storage costs incurred by using office or server space in maintaining records which is no longer needed by the organization.
- Finding and retrieving information is easier and quicker because there is less to search.
- The disposal of data usually takes place as part of the normal records management process. There are two essential circumstances in which the destruction of data need to be handled as an addition to this process-
- The quantity of a legacy record requires attention.
- The functions are being transferred to another authority and disposal of data records becomes part of the change process.
- The following list of considerations will help us for the secure disposal of data-
- Eliminate access
- Destroy the data
- Destroy the device
- Keep the record of which systems have been decommissioned
- Keep careful records
- Eliminate potential clues
- Keep systems secure until disposal
- Ensure that eliminating access account does not have any rights to re access the disposed of data again.
Destroy the Data
- There is not necessary to remove data from storage media will be safe. Even these days reformatting or repartitioning a drive to "erase" the data that it stores is not good enough. To encrypt the data on the drive before performing any deletion can help us to make data more difficult to recover later.
Destroy the device
- To do this, there should be experts who can make probably a lot better at safely and effectively rendering any data on our drives unrecoverable.
Keep the record of which systems have been decommissioned
- It is best if storage media that have not been fully decommissioned are kept in a specific location, while decommissioned equipment placed somewhere else so that it will help us to avoid making mistakes.
Keep careful records
- If more than one person is assigned for such responsibility, he should sign off after the completion of the decommissioning process.
Eliminate potential clues
- Clear the configuration settings from networking equipment.
Keep system secure until disposal of data
- It will be better to ensure that nobody should have access authentication to it before disposal of data won't get his or her hands on it.