This chapter emphasizes the importance of protecting corporate data, especially when it is being stored, rather than transmitted or processed. Some key factors to protecting data are backing it up, storing it securely in a database, preventing its theft, and disposing of it securely. Ensuring that data is properly backed up will prevent a total loss if another protection breaks or is lost. Storage practices such as encryption, access control, and proper retention policies will help keep the stored data secure. Data loss prevention policies and hardware appliances help protect user PII, which this chapter points out can be especially valuable in triangulating a user’s identity using select few information. Lastly, it is important to follow proper data destruction practices and to know when to use nominal deletion, basic file deletion, wiping, or destroying.
Great summary. It is also crucial for protecting data to consider in the network where exactly the databases are located such that they are not able to be immediately compromised without other multi-layered defensive mechanism in place.
I was absolutely impressed about the chapter on Data loss prevention in this week’s reading and this is so because we live in a time where everyone—including every business and organization—everything is both product and producer of a massive amount of data that resides on one or more systems. It could be a government database, a business’ customer list, or even your cloud account, but whatever the storage site, data represents everything we are and do. Consequently, data is vulnerable to getting lost, whether it’s an accidental mishandling of information or outright theft by a hacker. The explosion of data has only increased the cybersecurity stakes, requiring new methods of ensuring information integrity. DLP is a set of policies, products, technologies, and techniques designed to prevent sensitive information from leaving a business or organization. All DLP strategies must incorporate a collection of solutions that monitor, detect, and halt the unauthorized flow of data. These solutions include preventing users from accidentally destroying sensitive data as well as defending against data breaches from outside the organization. Network DLP is focused just as much on monitoring end-users within the organization as it is protecting against breaches from external agents through network vulnerabilities. Unauthorized employees, for instance, may unwittingly alter, delete, or send out information that could damage a company. To mitigate the risks associated with this, many organizations have the field of data loss prevention (DLP) to help meet the need for siphoning of data from the organization.
I agree with you that data represents everything we do. It is reflected in our life and work. In order to avoid the increased network security risks brought about by the explosive growth of data, all that can be done is to avoid data loss and damage as much as possible. In addition to monitoring, detecting, and preventing unauthorized users from accessing data, all you can do is back up your data as best you can. Backups are ensuring that copies of data files are stored safely and securely and will continue to exist even if the data on the host is lost, stolen, or damaged. Data is backed up in such a way that it remains available in the event of a catastrophic host failure.
In chapter 9, attacks against data can occur when data is processed. With a secure cryptosystem, attacks can be prevented while data is being transmitted. Through the study of this chapter, I realized the importance of backup backup. Perhaps other protections will inevitably fail, and the extent to which data is backed up will determine the extent of the loss. Backup is ensuring that copies of data files are stored safely and securely and will continue to exist. Even if data on the host is lost, stolen or corrupted. No matter how damaged, the company’s only recourse is from the last backup. Backups help achieve availability security goals.
Hey Dan, I like how you pointed out just how crucial it is for companies to backup their data. Similar to defense-in-depth strategies, it is best to assume some protections or databases could face trouble, and having backups and extra layers of security will help keep a business running in an emergency.
Data loss prevention (DLP) policies can be an effective countermeasure against insider threats. DLP policies can include enabling alerts to trigger if an unauthorized user is accessing or exporting sensitive corporate data. DLP policies can be tuned to alert if the following PII conditions are met; data accessed contains name, address, information that can link the user’s identity. DLP policies can provide an auditing trail to help identify who accessed the information and identify exposed information to unauthorized third parties.
I never thought about how data can be categorized and linked to software that relays if it contains different types of PII. This kind of tracking and alert system is good for any company to use because it makes analysis and reaction easier and more transparent. It could also save money in the end also by knowing the extent of a breach was not the worst-case scenario.
For data protection, you need to consider any applicable legislation. This can dictate the baseline, minimum protections you are required to enforce. As long as it is cost efficient, going above and beyond what it minimally required often reduces the severity and frequency of breaches.
One important aspect of data protection is employee training. If your company deals with PII, financial information, or other sensitive data, employees should receive training on what is and what is not appropriate for discussion and dissemination outside the workplace.
DLP tools can be used to scan for and, if enabled, actively block outgoing sensitive data. This can prevent breaches from occurring either maliciously or accidentally.
One of my main takeaways from this chapter was database access controls. We have seen in other chapters how you can protect databases with cryptography, encryption, or firewalls but it is also important to protect the databases at the data level. This would mean restricting access to rows and columns, setting up relations between entities, and setting up proper authentication. Determining what events to audit within the database is also a crucial task. These audits vary depending on the data and regulatory requirements, but some key events are user failed logins, changes to procedures, and special access.
One of the takeaways from this chapter was database security and how to achieve it. I know it may not be the most glamorous or fun thing to do, but I believe that it is definitely possible for developers and/or database administrators to give all users permissions all tables, rows and columns in a database. Having worked a little bit with databases, setting up and maintaining permissions for an entire database can be tedious and troublesome, and database security definitely requires a certain level of attention to detail.
I completely agree. I am not a fan of working with databases, but the data within them is a corporation’s main asset, and so to protect the data you’d have to properly secure the database and which includes applying the correct permissions, which as you said can be a tedious task.
One interesting point this chapter makes is the concept of port obfuscation, which the authors recommend and advise as good practice. However, this is reminiscent of security through obscurity, and is not inherently a good security practice in and of itself. It will help with cleaning up log files and likely circumvent much of the script kiddy attacks that regularly scan for basic vulnerabilities with a port scanner, but it does not really provide any sort of security and I find it questionable that they advise to do so. It *can* help for the purpose of cleaner logs, making it easier to see other potential attacks coming in, but I do not think it is a good practice for security.
I agree that port obfuscation is and of itself is not a secure enough practice. While it can definitely help protect from basic attacks, it could also lead to a false sense of security which could be counter-productive. It can be a good practice, but all other security measures should be enabled as normal.
One key takeaway of mine from this chapter was the importance of backing up critical data. Backups can provide more protection against attacks harming integrity and availability as long as the system(s) that are used to store the replicated data are located separately from the main database / network, are properly secured. and maintain proper logs. Data backups should also be included in contingency planning and thought of from this perspective because if any kind of disaster were to happen where an organization would need to change physical locations for a period of time, it should be convenient to insert/access the data in a different environment. A good data backup is an effective way to combat ransomware attacks, which is one of the fastest increasing types of attacks at this point in time.
You make some good points. Backups are a critical task that needs to be performed for all systems, and best practices need to be followed to have a successful backup. These best practices should also indicate how to restore from a backup so there is a smooth transition, and as you said backups should be included in the contingency plan so that a quick recovery is possible.
Database security has two meanings: The first layer refers to system operation safety. The usual threats to system operation safety are as follows. Some cybercriminals invade the computer through the network, local area network, and other means to make the system unable to start usually, or overload the machine to run A large number of algorithms, and turn off the CPU fan, make the CPU overheated and burn out and other destructive activities; The second layer refers to the system information security, the system security is usually threatened as follows, hackers invade the database and steal the desired information.
Your point that database security involves operational and physical security is a good one. Information security such as encryption, backups, etc. are no good if the machines cannot physically function properly or if they are destroyed in some kind of disaster.
There are multiple policies that could be in place to protect the data. The some of the policies include Backup Creation Policies, Restoration Policies, Encryption Policies, and Retention Policies. Backup Creation Policies would be in place to identify the system and the data that it holds to find out how often that system or data should be backed up. Restoration Policies includes to perform the test of restoring the data to ensure the data is being properly backed up and can be used if there happens to be any type of incident. Encryption Policies would mention to encrypt the data before moving it so it could stay confidential while in transit. Retention Policies include the legal time frame for how long the certain data should be kept.
One takeaway from this reading was the difference between full and incremental back ups. Full backups are when data from files/directories are completely and holistically copied, backed up and saved. These take a significant amount of time. Meanwhile, incremental back ups are done periodically (i.e. 3 times a week), and back up data that has changed since the last full backup was completed. Incremental backups need to be carefully timed in order to provide accurate backed up data, and are speedy/efficient methods of backing up data.
The main takeaway while reading this chapter is how important backup is. Backup is utilized in case the data is lost or corrupted. There are several ways to backup data such as file/directory backup, image backup, and shadowing. The file/directory backup is the most common backup. This can happen on such as an external backup or a flash drive. Image backup creates a copy of the operating system and the data associated with it. A shadow copy can still contain all files and is a backup copy of each file.
Redundant Array of Independent/Inexpensive Disks (RAID) is a technology that allows storing data across multiple hard drives. The purpose of RAID is to achieve data redundancy to reduce data loss and, in a lot of cases, improve performance. There are 5 different RAID Levels. RAID 0, 1, 5, 6 and 10. RAID 0 is Stripping, writing data simultaneously across multiple disks. RAID 1 is Mirroring, creating an exact copy of a disk at the same time. RAID 5 consists of block-level striping with distributed parity. RAID 6 is also known as dual drive failure protection—is similar to a RAID 5 array because it uses data striping and parity data to provide redundancy. RAID 10 combines disk mirroring and disk striping to protect data.
Data protection is safeguarding important information from corruption, compromise, or loss. The importance of data protection increases as the amount of data created and stored continues to grow at unprecedented rates.
Critical pieces of information commonly stored by businesses, be that employee records, customer details, loyalty schemes, transactions, or data collection, need to be protected. This prevents that data from being misused by third parties for fraud, such as phishing scams and identity theft.
What are the 7 principles of data protection?
The Seven Principles:
• Lawfulness, fairness, and transparency.
• Purpose limitation.
• Data minimization.
• Accuracy.
• Storage limitation.
• Integrity and confidentiality (security)
• Accountability.
The chapter begins with discussion of the importance of data. It looks at one of several data breaches at have occurred at Sony Corp. In this case over 100 million user accounts were lost. Emphasis is placed on securing data while it is being stored.The chapter then covers one of the most important things you can do to protect your data – backup. It discusses the scope of backups, shadowing, and full/incremental backups. Various backup technologies are discussed, including local backup, centralized backup, continuous data protection, online backup, and a peer-to-peer model.
Patrick Jurgelewicz says
This chapter emphasizes the importance of protecting corporate data, especially when it is being stored, rather than transmitted or processed. Some key factors to protecting data are backing it up, storing it securely in a database, preventing its theft, and disposing of it securely. Ensuring that data is properly backed up will prevent a total loss if another protection breaks or is lost. Storage practices such as encryption, access control, and proper retention policies will help keep the stored data secure. Data loss prevention policies and hardware appliances help protect user PII, which this chapter points out can be especially valuable in triangulating a user’s identity using select few information. Lastly, it is important to follow proper data destruction practices and to know when to use nominal deletion, basic file deletion, wiping, or destroying.
Antonio Cozza says
Great summary. It is also crucial for protecting data to consider in the network where exactly the databases are located such that they are not able to be immediately compromised without other multi-layered defensive mechanism in place.
kofi bonsu says
I was absolutely impressed about the chapter on Data loss prevention in this week’s reading and this is so because we live in a time where everyone—including every business and organization—everything is both product and producer of a massive amount of data that resides on one or more systems. It could be a government database, a business’ customer list, or even your cloud account, but whatever the storage site, data represents everything we are and do. Consequently, data is vulnerable to getting lost, whether it’s an accidental mishandling of information or outright theft by a hacker. The explosion of data has only increased the cybersecurity stakes, requiring new methods of ensuring information integrity. DLP is a set of policies, products, technologies, and techniques designed to prevent sensitive information from leaving a business or organization. All DLP strategies must incorporate a collection of solutions that monitor, detect, and halt the unauthorized flow of data. These solutions include preventing users from accidentally destroying sensitive data as well as defending against data breaches from outside the organization. Network DLP is focused just as much on monitoring end-users within the organization as it is protecting against breaches from external agents through network vulnerabilities. Unauthorized employees, for instance, may unwittingly alter, delete, or send out information that could damage a company. To mitigate the risks associated with this, many organizations have the field of data loss prevention (DLP) to help meet the need for siphoning of data from the organization.
Dan Xu says
Hi Kofi,
I agree with you that data represents everything we do. It is reflected in our life and work. In order to avoid the increased network security risks brought about by the explosive growth of data, all that can be done is to avoid data loss and damage as much as possible. In addition to monitoring, detecting, and preventing unauthorized users from accessing data, all you can do is back up your data as best you can. Backups are ensuring that copies of data files are stored safely and securely and will continue to exist even if the data on the host is lost, stolen, or damaged. Data is backed up in such a way that it remains available in the event of a catastrophic host failure.
Dan Xu says
In chapter 9, attacks against data can occur when data is processed. With a secure cryptosystem, attacks can be prevented while data is being transmitted. Through the study of this chapter, I realized the importance of backup backup. Perhaps other protections will inevitably fail, and the extent to which data is backed up will determine the extent of the loss. Backup is ensuring that copies of data files are stored safely and securely and will continue to exist. Even if data on the host is lost, stolen or corrupted. No matter how damaged, the company’s only recourse is from the last backup. Backups help achieve availability security goals.
Patrick Jurgelewicz says
Hey Dan, I like how you pointed out just how crucial it is for companies to backup their data. Similar to defense-in-depth strategies, it is best to assume some protections or databases could face trouble, and having backups and extra layers of security will help keep a business running in an emergency.
Kelly Sharadin says
Data loss prevention (DLP) policies can be an effective countermeasure against insider threats. DLP policies can include enabling alerts to trigger if an unauthorized user is accessing or exporting sensitive corporate data. DLP policies can be tuned to alert if the following PII conditions are met; data accessed contains name, address, information that can link the user’s identity. DLP policies can provide an auditing trail to help identify who accessed the information and identify exposed information to unauthorized third parties.
Michael Jordan says
Kelly,
I never thought about how data can be categorized and linked to software that relays if it contains different types of PII. This kind of tracking and alert system is good for any company to use because it makes analysis and reaction easier and more transparent. It could also save money in the end also by knowing the extent of a breach was not the worst-case scenario.
-Mike
Madalyn Stiverson says
For data protection, you need to consider any applicable legislation. This can dictate the baseline, minimum protections you are required to enforce. As long as it is cost efficient, going above and beyond what it minimally required often reduces the severity and frequency of breaches.
One important aspect of data protection is employee training. If your company deals with PII, financial information, or other sensitive data, employees should receive training on what is and what is not appropriate for discussion and dissemination outside the workplace.
DLP tools can be used to scan for and, if enabled, actively block outgoing sensitive data. This can prevent breaches from occurring either maliciously or accidentally.
Dhaval Patel says
One of my main takeaways from this chapter was database access controls. We have seen in other chapters how you can protect databases with cryptography, encryption, or firewalls but it is also important to protect the databases at the data level. This would mean restricting access to rows and columns, setting up relations between entities, and setting up proper authentication. Determining what events to audit within the database is also a crucial task. These audits vary depending on the data and regulatory requirements, but some key events are user failed logins, changes to procedures, and special access.
Andrew Nguyen says
One of the takeaways from this chapter was database security and how to achieve it. I know it may not be the most glamorous or fun thing to do, but I believe that it is definitely possible for developers and/or database administrators to give all users permissions all tables, rows and columns in a database. Having worked a little bit with databases, setting up and maintaining permissions for an entire database can be tedious and troublesome, and database security definitely requires a certain level of attention to detail.
Dhaval Patel says
Hi Andrew,
I completely agree. I am not a fan of working with databases, but the data within them is a corporation’s main asset, and so to protect the data you’d have to properly secure the database and which includes applying the correct permissions, which as you said can be a tedious task.
Antonio Cozza says
One interesting point this chapter makes is the concept of port obfuscation, which the authors recommend and advise as good practice. However, this is reminiscent of security through obscurity, and is not inherently a good security practice in and of itself. It will help with cleaning up log files and likely circumvent much of the script kiddy attacks that regularly scan for basic vulnerabilities with a port scanner, but it does not really provide any sort of security and I find it questionable that they advise to do so. It *can* help for the purpose of cleaner logs, making it easier to see other potential attacks coming in, but I do not think it is a good practice for security.
Patrick Jurgelewicz says
I agree that port obfuscation is and of itself is not a secure enough practice. While it can definitely help protect from basic attacks, it could also lead to a false sense of security which could be counter-productive. It can be a good practice, but all other security measures should be enabled as normal.
Michael Jordan says
One key takeaway of mine from this chapter was the importance of backing up critical data. Backups can provide more protection against attacks harming integrity and availability as long as the system(s) that are used to store the replicated data are located separately from the main database / network, are properly secured. and maintain proper logs. Data backups should also be included in contingency planning and thought of from this perspective because if any kind of disaster were to happen where an organization would need to change physical locations for a period of time, it should be convenient to insert/access the data in a different environment. A good data backup is an effective way to combat ransomware attacks, which is one of the fastest increasing types of attacks at this point in time.
Dhaval Patel says
Hi Michael,
You make some good points. Backups are a critical task that needs to be performed for all systems, and best practices need to be followed to have a successful backup. These best practices should also indicate how to restore from a backup so there is a smooth transition, and as you said backups should be included in the contingency plan so that a quick recovery is possible.
zijian ou says
Database security has two meanings: The first layer refers to system operation safety. The usual threats to system operation safety are as follows. Some cybercriminals invade the computer through the network, local area network, and other means to make the system unable to start usually, or overload the machine to run A large number of algorithms, and turn off the CPU fan, make the CPU overheated and burn out and other destructive activities; The second layer refers to the system information security, the system security is usually threatened as follows, hackers invade the database and steal the desired information.
Michael Jordan says
Zijian,
Your point that database security involves operational and physical security is a good one. Information security such as encryption, backups, etc. are no good if the machines cannot physically function properly or if they are destroyed in some kind of disaster.
-Mike
Vraj Patel says
There are multiple policies that could be in place to protect the data. The some of the policies include Backup Creation Policies, Restoration Policies, Encryption Policies, and Retention Policies. Backup Creation Policies would be in place to identify the system and the data that it holds to find out how often that system or data should be backed up. Restoration Policies includes to perform the test of restoring the data to ensure the data is being properly backed up and can be used if there happens to be any type of incident. Encryption Policies would mention to encrypt the data before moving it so it could stay confidential while in transit. Retention Policies include the legal time frame for how long the certain data should be kept.
Lauren Deinhardt says
Thanks for your post, Vraj. It is important to have these policies in order to maintain organizational compliance and accountability.
Lauren Deinhardt says
One takeaway from this reading was the difference between full and incremental back ups. Full backups are when data from files/directories are completely and holistically copied, backed up and saved. These take a significant amount of time. Meanwhile, incremental back ups are done periodically (i.e. 3 times a week), and back up data that has changed since the last full backup was completed. Incremental backups need to be carefully timed in order to provide accurate backed up data, and are speedy/efficient methods of backing up data.
Victoria Zak says
The main takeaway while reading this chapter is how important backup is. Backup is utilized in case the data is lost or corrupted. There are several ways to backup data such as file/directory backup, image backup, and shadowing. The file/directory backup is the most common backup. This can happen on such as an external backup or a flash drive. Image backup creates a copy of the operating system and the data associated with it. A shadow copy can still contain all files and is a backup copy of each file.
Kyuande Johnson says
Redundant Array of Independent/Inexpensive Disks (RAID) is a technology that allows storing data across multiple hard drives. The purpose of RAID is to achieve data redundancy to reduce data loss and, in a lot of cases, improve performance. There are 5 different RAID Levels. RAID 0, 1, 5, 6 and 10. RAID 0 is Stripping, writing data simultaneously across multiple disks. RAID 1 is Mirroring, creating an exact copy of a disk at the same time. RAID 5 consists of block-level striping with distributed parity. RAID 6 is also known as dual drive failure protection—is similar to a RAID 5 array because it uses data striping and parity data to provide redundancy. RAID 10 combines disk mirroring and disk striping to protect data.
Olayinka Lucas says
Data protection is safeguarding important information from corruption, compromise, or loss. The importance of data protection increases as the amount of data created and stored continues to grow at unprecedented rates.
Critical pieces of information commonly stored by businesses, be that employee records, customer details, loyalty schemes, transactions, or data collection, need to be protected. This prevents that data from being misused by third parties for fraud, such as phishing scams and identity theft.
What are the 7 principles of data protection?
The Seven Principles:
• Lawfulness, fairness, and transparency.
• Purpose limitation.
• Data minimization.
• Accuracy.
• Storage limitation.
• Integrity and confidentiality (security)
• Accountability.
Bernard Antwi says
The chapter begins with discussion of the importance of data. It looks at one of several data breaches at have occurred at Sony Corp. In this case over 100 million user accounts were lost. Emphasis is placed on securing data while it is being stored.The chapter then covers one of the most important things you can do to protect your data – backup. It discusses the scope of backups, shadowing, and full/incremental backups. Various backup technologies are discussed, including local backup, centralized backup, continuous data protection, online backup, and a peer-to-peer model.