The Chapter 9, about Data Protection it emphasizes the need for a backup plan to prevent data loss. The chapter underscores that backup serves as a defense for companies and explores backup approaches (such, as file/directory, image, shadowing) and techniques (full versus incremental, local versus centralized) to secure data in case of hardware malfunctions, emergencies, theft or cyber threats.
You highlighted the importance of diverse backup methods and techniques. This approach is key in safeguarding data against various threats and scenarios, from hardware issues to cyber attacks.
Yannick, Yes, preventing a data loss is crucial and their are so many hazards that a company can go through which is why companies always need to be prepared and secure their data. It could even help in certain cyber threats like a ransomware where everyone but one person could be affected.
That’s an excellent summary, Yannick. Implementing a comprehensive backup strategy can help companies ensure business continuity and protect their data assets.
Local backups offer quick access and control but may be vulnerable to on-site disasters such as fires or theft. Centralized backups provide greater security and ease of management but may introduce latency and dependence on network connectivity. It is important to balance the pros and cons of each choice.
This chapter highlights the critical need to safeguard corporate data during storage, emphasizing backup, secure database storage, theft prevention, and safe disposal. Regular backups mitigate total loss risks. Utilizing encryption, access controls, and retention policies ensures data security. To protect sensitive personal information, the chapter suggests data loss prevention strategies and hardware tools, noting their role in preventing identity triangulation from minimal data.
This is a good summary and I’d like to highlight that while regular backups is good practice, testing the validity of the backups and determining the scope of critical data to be backed up to minimize storage costs could enhance corporate data protection.
Eyup, yes that is true securing corporate data is important because you don’t know if an attacker could get into your system to steal or damage said data. complexity in passwords can help in trying to access the data because the complexity of the password can determine the difficulty in trying to get in to access the data.
In this chapter Database security, there is database access control which is just like access networks being restricted such as networks, hosts, and applications. In this same way database access controls can be restricted or given access to the database after they have been authenticated. Popular database management systems can restrict access as well as manage database structures and these systems include oracle, Microsoft SQL server, My SQL, IBM DB2. Users can even be authenticated locally on central authentication servers like Kerberos or Microsoft active directory. By doing these restrictions it is important to know that the company should enforce their complexity in passwords and history requirements.
Databases are known to contain critical operational data and sensitive information hence, all relevant access control measures to protect the data resident in the databases are applicable which include the principle of least privilege, logging and auditing, granting access on a need-to-know amongst others.
That’s a great point! Jon. By implementing authentication and access controls, companies can ensure that only authorized users can access databases and sensitive data, thereby protecting their data assets and preventing breaches.
This chapter emphasizes the importance of protecting corporate data, especially when stored rather than transmitted or processed. Some critical factors in protecting data are backing it up, storing it securely in a database, preventing theft, and disposing of it securely. Ensuring that data is adequately backed up will prevent a total loss if another protection breaks or is lost. Storage practices such as encryption, access control, and proper retention policies will help keep the stored data secure. Data loss prevention policies and hardware appliances help protect user PII, which this chapter points out can be especially valuable in triangulating a user’s identity using a selection of information.
Hey Celinemary, Good points about the importance of secure data storage practices like encryption, access controls, and data loss prevention measures to protect sensitive information. I would add that regularly auditing these practices is also crucial to ensure they are being followed consistently and remain effective as threats evolve over time.
I agree! Effective database access control is a fundamental pillar of overall data security, safeguarding valuable information from unauthorized access and potential breaches.
This chapter mentioned image backups capture the entire contents of a hard drive, including all programs, data, and settings, allowing for a complete restoration even on a different machine. This method is comprehensive but slow, leading companies to perform it less frequently than file or directory backups, which are quicker and focus on data that changes more frequently. Before major changes like installing new software, an image backup is recommended. Shadowing, on the other hand, is a continuous backup process where files are saved to an alternative location at short intervals, significantly reducing the risk and extent of data loss between backups.
Implementing a combination of these methods, such as daily file backups, weekly image backups, and continuous shadowing for critical files, can provide a well-rounded data protection strategy that balances the need for comprehensive coverage with efficiency and minimizes potential data loss.
Database security refers to the measures and controls put in place to protect data and metadata stored on computers. Some of these protections include:
• Protection of data must be policy-driven, legal requirements and accreditation standards (e.g., PCI-DSS, HIPAA, CobiT) to shape policy depending on the type of data stored.
• Data stored in a database must be cryptographically protected.
• Network configuration must control access to internal database servers.
• Access control for physical and electronic access to data stores.
• Firewall configured to prevent attacks focused on degrading the confidentiality, integrity, and availability of corporate data.
• Applications that access databases must be secured to prevent access to unsecured applications could be used to extract or delete data via SQL injection
Compressive overview, I would also emphasize the significance of regularly reviewing and updating these controls to keep pace with evolving threats and technologies, as well as conducting thorough security audits and vulnerability assessments to identify and address potential weaknesses
One key takeaway from this chapter is database access controls. This entails limiting access to specific rows and columns, establishing relationships between entities, and implementing robust authentication mechanisms. Another critical aspect is determining which database events warrant auditing. While the specifics of these audits hinge on the nature of the data and regulatory mandates, key events typically include failed user logins, procedural alterations, and instances of special access.
Indicators of compromise (IoCs) are a good way to perform audits with database access controls, they can also inform the configured rules and alerts on the database.
The Chapter 9, about Data Protection it emphasizes the need for a backup plan to prevent data loss. The chapter underscores that backup serves as a defense for companies and explores backup approaches (such, as file/directory, image, shadowing) and techniques (full versus incremental, local versus centralized) to secure data in case of hardware malfunctions, emergencies, theft or cyber threats.
You highlighted the importance of diverse backup methods and techniques. This approach is key in safeguarding data against various threats and scenarios, from hardware issues to cyber attacks.
Yannick, Yes, preventing a data loss is crucial and their are so many hazards that a company can go through which is why companies always need to be prepared and secure their data. It could even help in certain cyber threats like a ransomware where everyone but one person could be affected.
That’s an excellent summary, Yannick. Implementing a comprehensive backup strategy can help companies ensure business continuity and protect their data assets.
Local backups offer quick access and control but may be vulnerable to on-site disasters such as fires or theft. Centralized backups provide greater security and ease of management but may introduce latency and dependence on network connectivity. It is important to balance the pros and cons of each choice.
This chapter highlights the critical need to safeguard corporate data during storage, emphasizing backup, secure database storage, theft prevention, and safe disposal. Regular backups mitigate total loss risks. Utilizing encryption, access controls, and retention policies ensures data security. To protect sensitive personal information, the chapter suggests data loss prevention strategies and hardware tools, noting their role in preventing identity triangulation from minimal data.
This is a good summary and I’d like to highlight that while regular backups is good practice, testing the validity of the backups and determining the scope of critical data to be backed up to minimize storage costs could enhance corporate data protection.
Eyup, yes that is true securing corporate data is important because you don’t know if an attacker could get into your system to steal or damage said data. complexity in passwords can help in trying to access the data because the complexity of the password can determine the difficulty in trying to get in to access the data.
Yes, data backup is a good way to migitaterisk.
Incorporating both image backups and shadowing into a backup strategy can provide a robust defense against data loss and system downtime.
In this chapter Database security, there is database access control which is just like access networks being restricted such as networks, hosts, and applications. In this same way database access controls can be restricted or given access to the database after they have been authenticated. Popular database management systems can restrict access as well as manage database structures and these systems include oracle, Microsoft SQL server, My SQL, IBM DB2. Users can even be authenticated locally on central authentication servers like Kerberos or Microsoft active directory. By doing these restrictions it is important to know that the company should enforce their complexity in passwords and history requirements.
Databases are known to contain critical operational data and sensitive information hence, all relevant access control measures to protect the data resident in the databases are applicable which include the principle of least privilege, logging and auditing, granting access on a need-to-know amongst others.
That’s a great point! Jon. By implementing authentication and access controls, companies can ensure that only authorized users can access databases and sensitive data, thereby protecting their data assets and preventing breaches.
This chapter emphasizes the importance of protecting corporate data, especially when stored rather than transmitted or processed. Some critical factors in protecting data are backing it up, storing it securely in a database, preventing theft, and disposing of it securely. Ensuring that data is adequately backed up will prevent a total loss if another protection breaks or is lost. Storage practices such as encryption, access control, and proper retention policies will help keep the stored data secure. Data loss prevention policies and hardware appliances help protect user PII, which this chapter points out can be especially valuable in triangulating a user’s identity using a selection of information.
Hey Celinemary, Good points about the importance of secure data storage practices like encryption, access controls, and data loss prevention measures to protect sensitive information. I would add that regularly auditing these practices is also crucial to ensure they are being followed consistently and remain effective as threats evolve over time.
I agree! Effective database access control is a fundamental pillar of overall data security, safeguarding valuable information from unauthorized access and potential breaches.
This chapter mentioned image backups capture the entire contents of a hard drive, including all programs, data, and settings, allowing for a complete restoration even on a different machine. This method is comprehensive but slow, leading companies to perform it less frequently than file or directory backups, which are quicker and focus on data that changes more frequently. Before major changes like installing new software, an image backup is recommended. Shadowing, on the other hand, is a continuous backup process where files are saved to an alternative location at short intervals, significantly reducing the risk and extent of data loss between backups.
Implementing a combination of these methods, such as daily file backups, weekly image backups, and continuous shadowing for critical files, can provide a well-rounded data protection strategy that balances the need for comprehensive coverage with efficiency and minimizes potential data loss.
Database security refers to the measures and controls put in place to protect data and metadata stored on computers. Some of these protections include:
• Protection of data must be policy-driven, legal requirements and accreditation standards (e.g., PCI-DSS, HIPAA, CobiT) to shape policy depending on the type of data stored.
• Data stored in a database must be cryptographically protected.
• Network configuration must control access to internal database servers.
• Access control for physical and electronic access to data stores.
• Firewall configured to prevent attacks focused on degrading the confidentiality, integrity, and availability of corporate data.
• Applications that access databases must be secured to prevent access to unsecured applications could be used to extract or delete data via SQL injection
Compressive overview, I would also emphasize the significance of regularly reviewing and updating these controls to keep pace with evolving threats and technologies, as well as conducting thorough security audits and vulnerability assessments to identify and address potential weaknesses
One key takeaway from this chapter is database access controls. This entails limiting access to specific rows and columns, establishing relationships between entities, and implementing robust authentication mechanisms. Another critical aspect is determining which database events warrant auditing. While the specifics of these audits hinge on the nature of the data and regulatory mandates, key events typically include failed user logins, procedural alterations, and instances of special access.
Indicators of compromise (IoCs) are a good way to perform audits with database access controls, they can also inform the configured rules and alerts on the database.
Great summary! Edge. The importance of auditing cannot be overstated. It helps organizations meet regulatory requirements and maintain data integrity.