Data Security

From Think Outside the Circle
Jump to navigation Jump to search

https://blog.netwrix.com/2020/01/02/data-security-basics-and-data-protection-essentials/

https://blog.netwrix.com/2019/03/26/the-cia-triad-and-its-real-world-application/

Introduction

Covers the methods of identifying and evaluating threats.

Control Data flow

Requirements

  • Network security
  • Firewalls
  • Browser security
  • policies
  • risk management
  • cyrptography

Importance

Cyberattacks are up

Compliance pressures

Definitions

Data

Information

Data Protection

Data Security

Data vs. Information

Protection vs Security

Confidentiality

Cryptography

Access Control

Integrity

Goals

  1. Prevent modification by unauthorized users
  2. Prevent unintentional modification by authorized users
  3. Maintain consistency internally (data representation) and externally (real World)


Hashing used to verify integrity

Establish baselines (configuration data, systems, activities) and then evaluate deviations.

File Integrity monitoring

Availability

  • Distributive allocation (load balancing) for heavy loads (i.e. software release)
  • High Availability to maintain during an outage using redundancy (duplicated systems) and failover( switch to alternative systems)
  • Fault tolerance
  • Disaster Recover Plans
Retrieved from "https://www.thinkoutsidethecircle.net/mediawiki/index.php?title=Data_Security&oldid=26"