Saturday, September 7, 2013

Data Security in Network

Data Security refers to protective digital privacy measures that are applied to prevent unauthorized access to computers, databases and websites.It means protecting a database from destructive forces and the unwanted actions of unauthorized users.Data is any type of stored digital information.Security is about the protection of assets.  It is based on prevention, Detection and Reaction.

Security Measures:

Data security is subject to several types of audit standards and verifications. The most common are ISO 17799, ISO 2700102, ITIL, SAS-70, HIPPA, SOX…Security measures controlling physical access to hardware and software, backing up data and programs (storing a copy of files on a storage device to keep them safe). Implementing network controls such as using password, installing firewall, encrypting data, installing a call back system, using signature verification and biometric security devices.Data are protected from many type of viruses or other techniques such as hacking, salami shaving, denial of service attack, Trojan horse, trapdoors, mail bombing, spoofing, defacing, hijacking, jump command, EXE files, Trojan etc…

The Security Policy :

The Security Policy is the key document in effective security practices.Once it has been defined it must be implemented and modified and include any exceptions that may need to be in place for business continuity.  All users need to be trained on these best practices with continuing education at regular intervals.Secure data usually isolated from other stored data because the sensitive data must be logged. The encryption is too difficult in the sensitive data.

To monitor Secure Data the following tools are used: passwords, log files, protection systems, alert administrators, SNMP monitoring servers etc…Backups are used to ensure data which is lost can be recovered. 

Data Masking of structured data is the process of masking specific data within a database to ensure that data security is maintained and sensitive information is not exposed to unauthorized personnel. Data Erasure is software based overwriting method.  It completely destroys all electronic data residing on a hard drive.

Security Threats:

  • Technical Data Security Threats to Information Systems contains Non-existent security architecture, Un-patched Client side software and applications, “phishing” and targeted attacks (“Spear Phishing”), Internet Web Sites, Poor Configuration Management, Mobile devices, Cloud Computing, Removal Media, Zero-day attacks.
  • Non-technical Cyber Security Threats to Information Systems contains Insider, Poor Passwords, Physical security, Insufficient backup and recovery, Improper destruction, Social media, Social Engineering.

Once the risks have been assessed and organizational security policies specified, security architecture should be designed and a security plan implemented.  Consistent implementation of the security plan will reduce susceptibility to cyber threats and increase the overall security of an organization’s data.

No comments:

Post a Comment