Database security has two meanings: The first layer refers to the safety of system operation. The usual threats to system operation safety are as follows. Some cyber criminals invade the computer through the network, local area network, and other means to make the system unable to start normally, or overload the machine to run A large number of algorithms, and turn off the CPU fan, make the CPU overheated and burned out and other destructive activities; The second layer refers to the system information security, the system security is usually threatened as follows, hackers invade the database and steal the desired information.
Hi Zibai,
Databases are the most sort after by attackers because of the value of assets they hold, which is data. This calls for strict security measures being implemented to ensure that all data repositories are protected including their contents. Encrypting data at rest is a fundamental step in ensuring the confidentiality of this data is preserved.
I think the data backup is the most common data protection method, which can help organizations ensure that data is secure and that critical information is not lost in a natural disaster. The backup scope have three degrees of completeness: only data files and directories; an image backup of the entire hard drive; and shadowing each file being worked on. Each is appropriate under different circumstances. There are several common technologies for doing backup: Local Backup, Centralized Backup, Continuous Data Protection, Internet Backup Service, and Mesh Backup. Choosing the right backup option can help organization creating the best data backup plan for needs.
Hi Xinyi,
Thanks for your sharing. Data backup is one of the key controls of ITGC. In addition, backing up only important files/applications will not be enough if you do not perform recovery tests to prove the accuracy and utility of the backup data. Therefore, according to some leading information security frameworks, organizations must perform recovery testing to ensure that backup data can be used in the event of a failure.
Hi Xinyi,
Your sharing is helpful. This chapter deals with data protection. It explores how to protect data using different backup processes. I’m surprised that a tape backup is still an option. The tape has been a reliable choice for more than 30 years, but it’s still a slower choice. Other backup options include raid, mesh, Internet, CDP, local backup, and finally centralized backup. All of these offer viable options but depend on your company’s recovery time objective (RTO) and other factors. Overall, this chapter provides a good overview of what we have learned about protecting data. Again, we use CIA guidelines as a measure.
One of the main points I take away from this chapter is the importance of securely storing, transmitting, and handling data. Some of the methods for protecting information discussed in the other chapters play a key role in protecting organizational data, and when implemented together, they can provide in-depth defense. For example, in Chapter 6, it is explained that a properly configured firewall will prevent attacks aimed at compromising the confidentiality, integrity, and availability of corporate data. Thus, proper protection of corporate data can be achieved by alignments of organizational policies with regulatory requirements and certification standards. In addition, the explanations provided in this chapter have helped me understand that protecting corporate data requires a combination of process, discipline, and the need for every member of the organization (including third parties, suppliers, and customers) to follow digital etiquette at all times. In the end, physical destruction remains the only way to ensure that data is unrecoverable and unusable.
Hi Wenyao,
Defense in depth can be a challenge where encryption is concerned. At minimum, most organizations will have their data encrypted in storage and in transit. However, preventing data loss is resource intensive when dealing with encrypted traffic. It is necessary to ensure outbound traffic is inspected for potential data exfiltration, hence the need to decrypt it before transmitting it out of the network.
In this reading under data loss prevention systems, I find the different ways in which an organization can ensure they are not leaking data. One way to combat this is by implementing Data Loss Prevention systems. I find this to be a demanding task given that we are seeing more encrypted traffic these days. Placing a data loss prevention system especially on an outbound gateway is vital to ensuring no sensitive information leaves the network unless it is being routed to a legitimate destination for authorized use.
However, when outbound traffic is encrypted there is a need for extra resources to decrypt and inspect this traffic data as it leaves the network. This brings in other issues like the responsible gateway becoming a traffic bottleneck due to the demanding nature of decryption and inspection. Having more gateways for this purpose seems ideal but it is very costly to implement and maintain. It is left upon the organizations risk appetite and tolerance to drive the need for implementing Data Loss Prevention Systems.
This chapter covers many of the topics I’ve heard about, but I’m not familiar with and summarizes many of the topics around data protection. A good understanding of backup and redundancy, various RAID levels, and how to apply them to good BCP and DRP is a good knowledge in this field. I particularly like the part about DLP and how it’s a high-level strategic plan to make the right decisions about whether or not to store PII. Information triangulation, as well as the mentioned studies, reveals why sometimes useless information can be critical if violated and lead to high-risk PII losses. I now have a clearer understanding of why high-level organizational decisions about data are directly related to their security plans, as well as a cost/benefit decision, that is, how data will be useful in the future, or too much risk when data is leaked. Companies should pay close attention to the data they receive and whether they store it, and all stakeholders should be aware of what happened.
I agree with you about companies knowing what data they receive. Unfortunately, it will only get more difficult as data increases from year to year, and new types of data emerge that could make older data obsolete, and potentially insecure.
One of the key points for me in this chapter is the importance of backup. Backup ensures that copies of data files are stored safely and securely and will survive even if the data on the host is lost, stolen, or damaged. Data can be lost in many ways such as natural disasters such as flood, fires, or mechanical drive failures, malware that can delete or modify data, etc. The only recourse in such case is the restore data from the last backup. Backup helps achieve availability security goal. The chapter talks about different types of backups: file/directory data backup, image backup, and shadowing. I found this article that highlights some of the reasons why companies must have backup and recovery strategies. The reasons this article provides are: technology failures, human errors, natural disasters, competitive advantage, and theft.
Hi Priyanka,
I like your point of view about data backup. If we do not back up our data, for individual perspectives, we will be disappointed that we lost one of the very important pictures or videos. From organizational perspectives, the data must store in a very secure place and backup regularly, and it is dependent on what the organization needs.
Having a security method of data backup can protect the asset not being lost in an incident. Data is an important part of assets for an organization operating. In order to avoid insecurity, the organization should have a clear and effective policy to guide its employees in data protection, and it should base on the business needs. The policy should describe how to back up the different data within different types of devices and how frequently to back up the data. Before the employees understand how the data is being back up, they should also know how to store the data and what types of data can be stored in their devices. The employees do not realize the importance of data to affect the company. Without implementing the policy, they will store anything they want. Once their devices are stolen or lost, they may occur a legal issue because they forget to delete the confidential files permanently. Therefore, every employee needs to take into account how to store and back up the data, which prevents the loss of the CIA.
Hi Cami,
Data backup is one of the key controls of ITGC. In addition, backing up only important files/applications will not be enough if you do not perform recovery tests to prove the accuracy and utility of the backup data. Therefore, according to some leading information security frameworks, organizations must perform recovery testing to ensure that backup data can be used in the event of a failure.
Backups are an essential part of data security, whether it be for personal use or in an enterprise setting. There are three important backup types. The first is the most common, which is a file or directory backup. In this backup step, the user or admin backs up only certain files and/or directories that are deemed essential in the event of loss. Most common directories include the My Documents folder, Music, and Photos. The next backup step is an image backup. This backup is a full backup of the drive or drives in a machine. This is extremely helpful in the event of a loss as one can pick up right where they left off. However, this is the slowest backup method since the entire drive is being backed up all the time, which can take up a lot of time depending on the ever-increasing size of the drives. Lastly, the last backup method is shadowing. This backup method happens while files are being worked on and backs up files every few minutes to the hard drive or another location. In the event of a loss, this has the shortest time window of data loss since the last backup could range from a few days to just a few hours.
Hi Krish,
I agree as well, one of the biggest components of data protection is having sufficient backup processes in place. Most businesses choose to either have cloud-stored backups or have backup data centers stored far from the original datacenters.
This is also a process for everyday users like us as well. Apple products automatically prompt you for iCloud backup, other smartphones have similar features as well. It’s a background process that we are able to leverage to protect our digital memories and simplify our day-to-day life.
One key takeaway from this weeks reading was the section on data loss prevention. Data loss prevention is a very important concern in today’s IT environment. Each organization which collects data must do everything necessary to keep the PII of their customers from public hands. Too often we hear of breaches were attackers were able to gather data from the company. Many government organizations are adopting the GDPL standards and are starting to put harsh penalties against companies who have data disclosed which should have been kept private.
Hi Jonathan, I agree with your point of view. Data loss prevention is one of the most important topics for many organizations in the world right now. Many business activities today rely on the data collected and analyzing them for business use. Lost of data means a huge loss to the business.
The takeaway I took from this chapter is the third scope of the back up–shadowing. The most difference part of shadowing is the a backup copy of each
file being worked on is written every few minutes to the hard drive or to another location, just like a USB drive. If use the file/directory data backup or image backup, everything since the last backup is lost. This is a window of loss ranging from several hours to several days and sometimes longer. But using the shadowing, the time window of data loss is very brief.
I agree with you that a backup copy of each file being worked on is written every few minutes to the hard drive. Shadowing can also enable applications to continue writing data to the volume during the backup process. Open files will no longer be missed during backup. The backup can be performed at any time without blocking users.
One of the key takeaways for this chapter is there are many controls for securing data and where the data resides. Some of the learnings are limiting access to columns and rows, stored procedures, and audit requirements. Limiting access to columns and rows is necessary to block access to specific fields that hold sensitive information or limit the view to authorized users. Stored procedures can be used to sanitize incoming input being sent to the database. It can be useful in preventing injection attacks, but additional the database should validate the data is sent in an expected format and should only be accepted if it’s in that format. One of the audit requirements I see in my workplace is limiting access to databases. In order for a database administrator to logon or modify settings on a database server, there needs to be a request submitted for change management to approve. As the book mentions, it logs the successful and failed login attempts and without the approval, there are compliance implications if DBA access the server without approval.
From the data protection chapter, they described one type of data that requires special attention, which is personally identifiable information. It includes private employee and private consumer information that can be used to uniquely identify a person. In healthcare standards, PII must be protected by law, and loss of PII can result in credit card and identity theft. Some examples of PII are name, SSN, address, personal characteristics, and information that can be used to link an individual to one of the primary categories.
Although it’s easier to not collect this information and avoid the hassle, it’s better to assign the customers with unique IDs to make them more easily identifiable. Data masking can be used to obscure data si it cannot be used to identify the person but still remain useful.
A key takeaway in this chapter is that without the right policies in place, you can have the best technology and security, but your data can still be breached. There are an array of policies that should be constantly monitored and updated so that tech teams and business teams know what to reference in case there is a question on what to do in case of an incident, a process to follow or simply to back up any audits. The following policies are only a sample of what should be in place so that your teams are informed about how the company needs to proceed:
– Backup Creation
– Restoration
– Media Storage Location
– Encryption
– Access Control
– Data Retention
– Auditing Compliance
One of the most common methods companies are using today to perform backups is by using a disk array as this provides both speed an reliability. A disk array is the process of storing the same data on multiple redundant disks. That way if one drive fails, the same data is also located on another drive, thus increasing reliability. Read-write performance is also increased with an array because data can be written to or read from multiple disks simultaneously. There are different levels of disk arrays now as RAID (redundant array of independent disks). Some of the more popular arrays are RAID 0,1 and 5. RAID 0 increases data transfer speeds and capacity by writing simultaneously to multiple hard disks. Writing data across multiple disks is known as striping. The striped set of disks work fast but offer no reliability. If one of the drives fails, data on all disks are lost. RAID level 1, called mirroring utilizes 2 drives to store data twice by writing it to a data drive (or set of data drives) and a mirror drive (or set of drives). If a drive fails, the controller uses either the data drive or the mirror drive for data recovery and continuous operation. RAID level 5 is the most common and involves striping with parity across at least 3 drives. Data blocks are striped across the drives and on one drive a parity checksum of all the block data is written. The parity data are spread across all drives. Using the parity data, the computer can recalculate the data of one of the other data blocks. That means a RAID 5 array can withstand a single drive failure without losing data or access to data.
Data protection refers to the backup of data at the current point in time. If a piece of data is deleted by mistake, it can be recovered by backup data. From the bottom, data protection can be divided into file level protection and block level protection. File-level backup: Backup all files on disk to another medium by calling the file system interface. That is, the data is read as a file and stored on another medium. At this point, the backup software is only aware of the file layer. Blocklevel backup: Every block on the block device is backed up regardless of whether there is data on the block or not, regardless of file system logic. Remote file copy: transfer to the remote disaster recovery point through the network. The typical example is rsync asynchronous remote file synchronization software. You can monitor the file system action, file changes, synchronization to a remote sites, incremental replication.
There are three main ways to do data backup. The first one is file/directory data backup. This is the most common type of data back up. This approach only backs up data on the computer not programs. Registry settings, and other customization information. It may not even back up all data. It may only backup data in certain directories. In terms of backup scope, it is in the middle of the three approaches. The second one is image backup. In image backup, the entire contents of the hard drive are copied to backup media. This includes programs, data, personalization settings, and all other data. The image backup is the slowest form of backup. Due to this slowness, most companies do image backup less frequently than file directory data backup. The third type is shadowing. In shadowing, a backup copy of each file being worked on is written every few minutes to the hard drive or to another location.
Hi, Ting-yen, thank you for sharing your points. I totally agree with your points of the shadowing. If use the file/directory data backup or image backup, everything since the last backup is lost. This is a window of loss ranging from several hours to several days and sometimes longer. But using the shadowing, the time window of data loss is very brief.
Redundant Array of Independent/Inexpensive Disks (RAID) is a technology that allows storing data across multiple hard drives. The purpose of RAID is to achieve data redundancy to reduce data loss and, in a lot of cases, improve performance. There are 5 different RAID Levels. RAID 0, 1, 5, 6 and 10. RAID 0 is Stripping, writing data simultaneously across multiple disks. RAID 1 is Mirroring, creating an exact copy of a disk at the same time. RAID 5 consists of block-level striping with distributed parity. RAID 6 is also known as dual drive failure protection—is similar to a RAID 5 array because it uses data striping and parity data to provide redundancy. RAID 10 combines disk mirroring and disk striping to protect data.
Great summary. RAID’s are an key component when it comes to data protection and backup. Sometimes we forget that hardware can fail at any moment. Without a project plan in place, an organization is at risk of losing valuable data.
To me data backup is the most used and efficient way to backup data. This is often seen when people move from an old device to a new one such as an iPhone. However, this is not as widely used as it probably should be. For instance, there are a lot of people who choose to backup their phone once, but then completely forget going forward. While this can be useful as the device has been backed up, if that backup is from a few months or even years ago, it is not going to be very useful, outside of specific data such as phone contacts or old documents. It should be best practice to backup any and all devices at least once a month. This lowers the risk of losing a larger and more recent set of data compared to backing up once a year or once every 6 months.
One of the topics that I find interesting in this weeks reading is encryption policies. these are critical and protect the confidentiality and integrity of the data assets. Encrypting data makes it harder for the attackers to exploit the data. When media are moved from its creation /generation location to it storage, loss and theft can result in the release of critical data. This should be mandated by the policies that all sensitive backup media should be encrypted. This will make backup times longer, but
there have been many cases of backup data loss that have required companies to notify customers
and other affected people that sensitive personal information about them may be available to
attackers.
Database security has two meanings: The first layer refers to the safety of system operation. The usual threats to system operation safety are as follows. Some cyber criminals invade the computer through the network, local area network, and other means to make the system unable to start normally, or overload the machine to run A large number of algorithms, and turn off the CPU fan, make the CPU overheated and burned out and other destructive activities; The second layer refers to the system information security, the system security is usually threatened as follows, hackers invade the database and steal the desired information.
Hi Zibai,
Databases are the most sort after by attackers because of the value of assets they hold, which is data. This calls for strict security measures being implemented to ensure that all data repositories are protected including their contents. Encrypting data at rest is a fundamental step in ensuring the confidentiality of this data is preserved.
I think the data backup is the most common data protection method, which can help organizations ensure that data is secure and that critical information is not lost in a natural disaster. The backup scope have three degrees of completeness: only data files and directories; an image backup of the entire hard drive; and shadowing each file being worked on. Each is appropriate under different circumstances. There are several common technologies for doing backup: Local Backup, Centralized Backup, Continuous Data Protection, Internet Backup Service, and Mesh Backup. Choosing the right backup option can help organization creating the best data backup plan for needs.
Hi Xinyi,
Thanks for your sharing. Data backup is one of the key controls of ITGC. In addition, backing up only important files/applications will not be enough if you do not perform recovery tests to prove the accuracy and utility of the backup data. Therefore, according to some leading information security frameworks, organizations must perform recovery testing to ensure that backup data can be used in the event of a failure.
Hi Xinyi,
Your sharing is helpful. This chapter deals with data protection. It explores how to protect data using different backup processes. I’m surprised that a tape backup is still an option. The tape has been a reliable choice for more than 30 years, but it’s still a slower choice. Other backup options include raid, mesh, Internet, CDP, local backup, and finally centralized backup. All of these offer viable options but depend on your company’s recovery time objective (RTO) and other factors. Overall, this chapter provides a good overview of what we have learned about protecting data. Again, we use CIA guidelines as a measure.
One of the main points I take away from this chapter is the importance of securely storing, transmitting, and handling data. Some of the methods for protecting information discussed in the other chapters play a key role in protecting organizational data, and when implemented together, they can provide in-depth defense. For example, in Chapter 6, it is explained that a properly configured firewall will prevent attacks aimed at compromising the confidentiality, integrity, and availability of corporate data. Thus, proper protection of corporate data can be achieved by alignments of organizational policies with regulatory requirements and certification standards. In addition, the explanations provided in this chapter have helped me understand that protecting corporate data requires a combination of process, discipline, and the need for every member of the organization (including third parties, suppliers, and customers) to follow digital etiquette at all times. In the end, physical destruction remains the only way to ensure that data is unrecoverable and unusable.
Hi Wenyao,
Defense in depth can be a challenge where encryption is concerned. At minimum, most organizations will have their data encrypted in storage and in transit. However, preventing data loss is resource intensive when dealing with encrypted traffic. It is necessary to ensure outbound traffic is inspected for potential data exfiltration, hence the need to decrypt it before transmitting it out of the network.
In this reading under data loss prevention systems, I find the different ways in which an organization can ensure they are not leaking data. One way to combat this is by implementing Data Loss Prevention systems. I find this to be a demanding task given that we are seeing more encrypted traffic these days. Placing a data loss prevention system especially on an outbound gateway is vital to ensuring no sensitive information leaves the network unless it is being routed to a legitimate destination for authorized use.
However, when outbound traffic is encrypted there is a need for extra resources to decrypt and inspect this traffic data as it leaves the network. This brings in other issues like the responsible gateway becoming a traffic bottleneck due to the demanding nature of decryption and inspection. Having more gateways for this purpose seems ideal but it is very costly to implement and maintain. It is left upon the organizations risk appetite and tolerance to drive the need for implementing Data Loss Prevention Systems.
This chapter covers many of the topics I’ve heard about, but I’m not familiar with and summarizes many of the topics around data protection. A good understanding of backup and redundancy, various RAID levels, and how to apply them to good BCP and DRP is a good knowledge in this field. I particularly like the part about DLP and how it’s a high-level strategic plan to make the right decisions about whether or not to store PII. Information triangulation, as well as the mentioned studies, reveals why sometimes useless information can be critical if violated and lead to high-risk PII losses. I now have a clearer understanding of why high-level organizational decisions about data are directly related to their security plans, as well as a cost/benefit decision, that is, how data will be useful in the future, or too much risk when data is leaked. Companies should pay close attention to the data they receive and whether they store it, and all stakeholders should be aware of what happened.
Hi Haozhe,
I agree with you about companies knowing what data they receive. Unfortunately, it will only get more difficult as data increases from year to year, and new types of data emerge that could make older data obsolete, and potentially insecure.
One of the key points for me in this chapter is the importance of backup. Backup ensures that copies of data files are stored safely and securely and will survive even if the data on the host is lost, stolen, or damaged. Data can be lost in many ways such as natural disasters such as flood, fires, or mechanical drive failures, malware that can delete or modify data, etc. The only recourse in such case is the restore data from the last backup. Backup helps achieve availability security goal. The chapter talks about different types of backups: file/directory data backup, image backup, and shadowing. I found this article that highlights some of the reasons why companies must have backup and recovery strategies. The reasons this article provides are: technology failures, human errors, natural disasters, competitive advantage, and theft.
https://www.hubstor.net/blog/6-reasons-must-data-backup-recovery-company/
Hi Priyanka,
I like your point of view about data backup. If we do not back up our data, for individual perspectives, we will be disappointed that we lost one of the very important pictures or videos. From organizational perspectives, the data must store in a very secure place and backup regularly, and it is dependent on what the organization needs.
Having a security method of data backup can protect the asset not being lost in an incident. Data is an important part of assets for an organization operating. In order to avoid insecurity, the organization should have a clear and effective policy to guide its employees in data protection, and it should base on the business needs. The policy should describe how to back up the different data within different types of devices and how frequently to back up the data. Before the employees understand how the data is being back up, they should also know how to store the data and what types of data can be stored in their devices. The employees do not realize the importance of data to affect the company. Without implementing the policy, they will store anything they want. Once their devices are stolen or lost, they may occur a legal issue because they forget to delete the confidential files permanently. Therefore, every employee needs to take into account how to store and back up the data, which prevents the loss of the CIA.
Hi Cami,
Data backup is one of the key controls of ITGC. In addition, backing up only important files/applications will not be enough if you do not perform recovery tests to prove the accuracy and utility of the backup data. Therefore, according to some leading information security frameworks, organizations must perform recovery testing to ensure that backup data can be used in the event of a failure.
Backups are an essential part of data security, whether it be for personal use or in an enterprise setting. There are three important backup types. The first is the most common, which is a file or directory backup. In this backup step, the user or admin backs up only certain files and/or directories that are deemed essential in the event of loss. Most common directories include the My Documents folder, Music, and Photos. The next backup step is an image backup. This backup is a full backup of the drive or drives in a machine. This is extremely helpful in the event of a loss as one can pick up right where they left off. However, this is the slowest backup method since the entire drive is being backed up all the time, which can take up a lot of time depending on the ever-increasing size of the drives. Lastly, the last backup method is shadowing. This backup method happens while files are being worked on and backs up files every few minutes to the hard drive or another location. In the event of a loss, this has the shortest time window of data loss since the last backup could range from a few days to just a few hours.
Hi Krish,
I agree as well, one of the biggest components of data protection is having sufficient backup processes in place. Most businesses choose to either have cloud-stored backups or have backup data centers stored far from the original datacenters.
This is also a process for everyday users like us as well. Apple products automatically prompt you for iCloud backup, other smartphones have similar features as well. It’s a background process that we are able to leverage to protect our digital memories and simplify our day-to-day life.
One key takeaway from this weeks reading was the section on data loss prevention. Data loss prevention is a very important concern in today’s IT environment. Each organization which collects data must do everything necessary to keep the PII of their customers from public hands. Too often we hear of breaches were attackers were able to gather data from the company. Many government organizations are adopting the GDPL standards and are starting to put harsh penalties against companies who have data disclosed which should have been kept private.
Hi Jonathan, I agree with your point of view. Data loss prevention is one of the most important topics for many organizations in the world right now. Many business activities today rely on the data collected and analyzing them for business use. Lost of data means a huge loss to the business.
The takeaway I took from this chapter is the third scope of the back up–shadowing. The most difference part of shadowing is the a backup copy of each
file being worked on is written every few minutes to the hard drive or to another location, just like a USB drive. If use the file/directory data backup or image backup, everything since the last backup is lost. This is a window of loss ranging from several hours to several days and sometimes longer. But using the shadowing, the time window of data loss is very brief.
I agree with you that a backup copy of each file being worked on is written every few minutes to the hard drive. Shadowing can also enable applications to continue writing data to the volume during the backup process. Open files will no longer be missed during backup. The backup can be performed at any time without blocking users.
One of the key takeaways for this chapter is there are many controls for securing data and where the data resides. Some of the learnings are limiting access to columns and rows, stored procedures, and audit requirements. Limiting access to columns and rows is necessary to block access to specific fields that hold sensitive information or limit the view to authorized users. Stored procedures can be used to sanitize incoming input being sent to the database. It can be useful in preventing injection attacks, but additional the database should validate the data is sent in an expected format and should only be accepted if it’s in that format. One of the audit requirements I see in my workplace is limiting access to databases. In order for a database administrator to logon or modify settings on a database server, there needs to be a request submitted for change management to approve. As the book mentions, it logs the successful and failed login attempts and without the approval, there are compliance implications if DBA access the server without approval.
From the data protection chapter, they described one type of data that requires special attention, which is personally identifiable information. It includes private employee and private consumer information that can be used to uniquely identify a person. In healthcare standards, PII must be protected by law, and loss of PII can result in credit card and identity theft. Some examples of PII are name, SSN, address, personal characteristics, and information that can be used to link an individual to one of the primary categories.
Although it’s easier to not collect this information and avoid the hassle, it’s better to assign the customers with unique IDs to make them more easily identifiable. Data masking can be used to obscure data si it cannot be used to identify the person but still remain useful.
Just a test as my comments are not posting
A key takeaway in this chapter is that without the right policies in place, you can have the best technology and security, but your data can still be breached. There are an array of policies that should be constantly monitored and updated so that tech teams and business teams know what to reference in case there is a question on what to do in case of an incident, a process to follow or simply to back up any audits. The following policies are only a sample of what should be in place so that your teams are informed about how the company needs to proceed:
– Backup Creation
– Restoration
– Media Storage Location
– Encryption
– Access Control
– Data Retention
– Auditing Compliance
One of the most common methods companies are using today to perform backups is by using a disk array as this provides both speed an reliability. A disk array is the process of storing the same data on multiple redundant disks. That way if one drive fails, the same data is also located on another drive, thus increasing reliability. Read-write performance is also increased with an array because data can be written to or read from multiple disks simultaneously. There are different levels of disk arrays now as RAID (redundant array of independent disks). Some of the more popular arrays are RAID 0,1 and 5. RAID 0 increases data transfer speeds and capacity by writing simultaneously to multiple hard disks. Writing data across multiple disks is known as striping. The striped set of disks work fast but offer no reliability. If one of the drives fails, data on all disks are lost. RAID level 1, called mirroring utilizes 2 drives to store data twice by writing it to a data drive (or set of data drives) and a mirror drive (or set of drives). If a drive fails, the controller uses either the data drive or the mirror drive for data recovery and continuous operation. RAID level 5 is the most common and involves striping with parity across at least 3 drives. Data blocks are striped across the drives and on one drive a parity checksum of all the block data is written. The parity data are spread across all drives. Using the parity data, the computer can recalculate the data of one of the other data blocks. That means a RAID 5 array can withstand a single drive failure without losing data or access to data.
Data protection refers to the backup of data at the current point in time. If a piece of data is deleted by mistake, it can be recovered by backup data. From the bottom, data protection can be divided into file level protection and block level protection. File-level backup: Backup all files on disk to another medium by calling the file system interface. That is, the data is read as a file and stored on another medium. At this point, the backup software is only aware of the file layer. Blocklevel backup: Every block on the block device is backed up regardless of whether there is data on the block or not, regardless of file system logic. Remote file copy: transfer to the remote disaster recovery point through the network. The typical example is rsync asynchronous remote file synchronization software. You can monitor the file system action, file changes, synchronization to a remote sites, incremental replication.
There are three main ways to do data backup. The first one is file/directory data backup. This is the most common type of data back up. This approach only backs up data on the computer not programs. Registry settings, and other customization information. It may not even back up all data. It may only backup data in certain directories. In terms of backup scope, it is in the middle of the three approaches. The second one is image backup. In image backup, the entire contents of the hard drive are copied to backup media. This includes programs, data, personalization settings, and all other data. The image backup is the slowest form of backup. Due to this slowness, most companies do image backup less frequently than file directory data backup. The third type is shadowing. In shadowing, a backup copy of each file being worked on is written every few minutes to the hard drive or to another location.
Hi, Ting-yen, thank you for sharing your points. I totally agree with your points of the shadowing. If use the file/directory data backup or image backup, everything since the last backup is lost. This is a window of loss ranging from several hours to several days and sometimes longer. But using the shadowing, the time window of data loss is very brief.
Redundant Array of Independent/Inexpensive Disks (RAID) is a technology that allows storing data across multiple hard drives. The purpose of RAID is to achieve data redundancy to reduce data loss and, in a lot of cases, improve performance. There are 5 different RAID Levels. RAID 0, 1, 5, 6 and 10. RAID 0 is Stripping, writing data simultaneously across multiple disks. RAID 1 is Mirroring, creating an exact copy of a disk at the same time. RAID 5 consists of block-level striping with distributed parity. RAID 6 is also known as dual drive failure protection—is similar to a RAID 5 array because it uses data striping and parity data to provide redundancy. RAID 10 combines disk mirroring and disk striping to protect data.
Hi Kyuande,
Great summary. RAID’s are an key component when it comes to data protection and backup. Sometimes we forget that hardware can fail at any moment. Without a project plan in place, an organization is at risk of losing valuable data.
To me data backup is the most used and efficient way to backup data. This is often seen when people move from an old device to a new one such as an iPhone. However, this is not as widely used as it probably should be. For instance, there are a lot of people who choose to backup their phone once, but then completely forget going forward. While this can be useful as the device has been backed up, if that backup is from a few months or even years ago, it is not going to be very useful, outside of specific data such as phone contacts or old documents. It should be best practice to backup any and all devices at least once a month. This lowers the risk of losing a larger and more recent set of data compared to backing up once a year or once every 6 months.
One of the topics that I find interesting in this weeks reading is encryption policies. these are critical and protect the confidentiality and integrity of the data assets. Encrypting data makes it harder for the attackers to exploit the data. When media are moved from its creation /generation location to it storage, loss and theft can result in the release of critical data. This should be mandated by the policies that all sensitive backup media should be encrypted. This will make backup times longer, but
there have been many cases of backup data loss that have required companies to notify customers
and other affected people that sensitive personal information about them may be available to
attackers.