Data Security

---

---

Data or information is the most valuable asset in this modern age. An expert attacker can do anything with the data or information. It is the users, organizations, or even government duty to protect data from any of illegal activities like stealing of data, manipulating data, illegal access, and even deletion of sensitive data.  

Data security refers to the security of data from all the attacks on the data like stealing of data, illegal access of data, modifying sensitive data or even deleting the data. Data security needs a strong infrastructure and a team of good system administrators to secure the data from the attackers.

For designing a perfect security system for data protection, we need to preserve some basic things of data like

1. Integrity of data
2. Privacy of data
3. Prevent unauthorized deletion of data

For the proper design of data security from all type of attacks like intrusion, modification or deletion of data, and to maintain these three basic principles of data we have to consider some aspects stated below

1. Do Proper Encryption on data
2. Need proper Data Backups
3. Anti-malware protection
4. Need good Archival Storage
5. Use a proper firewall
6. Efficient Disposal of Data
7. Follow Principle of Least Privilege.

Data Encryption

Data encryption is a security method where we encode data means changing that data from the readable form to an unreadable form using a key. It can be converted back using another key and that process is called decryption or decoding the data. Data, which is encrypted, is called a ciphertext that a middleman attacker cannot read or understand.

Cyber security prefers to encrypt the data while storing the data and transporting the data. As you know all the electronic messages are now in encrypted forms like email or WhatsApp. It helps to protect the data from cyber attackers even if they got access to the data. Every bank transaction including the credit card using the encryption technique. Software, which is used for encrypting data, is called an encryption algorithm.

Types of encryption

Encryption can be broadly divided into two types depending on the key that is used for encryption. That is

1. Symmetric: In symmetric, the data is encrypted and decrypted using the same key. That means we need only one secret key that the sender and receiver know to encode and decode the data. Examples, AES, DES, IDEA, RC4, etc
2. Asymmetric: In Asymmetric encryption, the data is encrypted using a key, which the sender used to encrypt the data called a public key. And there will be another key the receiver use to decode the data known as the secret key. Examples, RSA, DSS,  ECC, TLS, etc

Backup of Data

Backup of data is one of the basic and oldest methods in data security. It is the process of making one or more duplicate copies of the data and saving such copies in different mediums like cloud storage or in physical devices like hard disks is commonly termed as a backup of data.

We have to do the backup of data on a regular interval basis as it helps us to recover the data, if the original data is lost or corrupted either accidentally or by some malicious attacks. Below are the advantages of data backup

• Loss of data accidentally or intentional attacks
• Loss of data from a cyber-theft
• Keep data reliable, which will be authentic and accurate.

Now we have to decide how many copies of data have to make for a secure backup. For perfect backup security, there is an international method which is the 3-2-1 rule.

• Make three copies of the data
• Use two different mediums for storing the data like HDD or disk
• Must have server backup, which means having a copy of data in the server where the website is hosted.

Now we have to think about the mediums, which we use to backup data. The popular mediums for backing up of data are

• The hard disk which may be external or internal
• Server
• Cloud storage
• Cd or DVD backups
• USB flash drive
• University Archives

Finally, we have to follow some important things before making the backup regarding the security of the medium where we are going to save the backup of data

• Must have data encryption while storing and transferring data
• Must have user access right depending on their role
• Must save in medium with a good firewall
• Must have a good antivirus and user authentication
• Use Linux systems for the backup as preferably SElinux

Anti-Malware protection on data

Malware is the short form of malicious software that is a program that is designed to infect and spread in computers, networks, etc, and can able to manipulate or steal data or information and also can able to destroy a system or a network.

Malware is not easy to identify as it can be found in almost all places like email, the internet, websites, etc. Malware includes viruses, worms, Trojans, scareware, adware any of them, which are hidden in a system or network.

We must use an updated antimalware detection system in the place we store our data as we are under malware threat. Use a good updated antivirus and must do the periodic scan for any infections be careful using the system while accessing email and surfing.

Follow Proper Data Archive

Data archiving is storing data in a secure medium for a long time. In some organizations, there will be a huge amount of data and a huge amount of that data will not be actively useful for the day-to-day operations of the organization but will have to keep that data securely which is called data archiving.

For example, in a bank, there will be plenty of accounts and their history. Many of the accounts will not be active at that time but the bank saves all the records of the accounts even it is not functional, which is called archiving of data. It is essential for an organization for any future needs. A good data archive must be secure and indexed also have a good search option to find any needed data without any effort and cost.

Now we all will think about the difference between data archiving and data backup. Data backup means we are saving a copy of data, which is actively using the system for the data security to use in any kind of loss or corruption.

Where, data archiving is the process of saving the data, which is not actively used by any organization but needed for any future reference. Data archiving in proper intervals helps to reduce a load of active data and its cost.

We can archive data in different mediums such as in the cloud or offline or online like hard disk or servers. Wherever we are archiving the data it must be secure, safe, accessible and fast. 
Consider the following things for the best data archive and for long-term usability.

1. Storage medium: Archiving of data is to store the data for a long time securely, so we must select the best storage medium, which can able to hold our data for a long time
2. Storage Device: Selecting the storage device depends on the accessibility of data. If we need to access or refer to the data often we must select a medium that can able to do that. All above choose a device that can able to hold our data securely for a long time
3. Revisiting old archives: Policies about the archiving and the archiving options will change in time as the technology is changing also the policies. So we have to revisit the old archives to check is there any change needed in the archive. 
4. Data Usability: As we said data we archive must not be used for data to day activities but we need that archive for future references, so we must use a format that can easily make the data usable for referring without much cost and effort.
5. Selective archiving: In some cases, we don’t need all of the data to be archived and it will make a huge cost and effort for storing all the data. In that situation, we must be selective in which data need to be archived and which part of data is to be avoided from archiving.
6. Space considerations: Many organizations like banks, governments, and IT sector firms have a huge amount of data to archive. It is essential to consider the space needed for the archive and that too becomes cost-effective. Tapes are the best portable medium. 
7. Offline or online: Next is to decide the archive is stored online or offline. If you are deciding to be online as a cloud, it is easily accessible but vulnerable to attackers and corruption. On the other side offline medium like portable tapes, it is secure but not easy to access the data.