Tuesday, 1 July 2014

Data Security Techniques

Technology implies the presence of huge amount of complex data which might be extremely crucial to the data owners. This data can be present in various different forms, for example, the contacts in mobile phone, the source code of an application, all the employee data of an organization, the password files of all machines, credit card information, etc. This data may be available in digital or non-digital forms. Irrespective of its location and format, it is crucial that data is protected from unauthorized access.  As a result of increasing incidents of security breaches, individuals and organizations are now investing time and money to ensure their data is protected. One of the most important steps to ensure availability of data in case of a breach is to have a backup of it. Let’s have a look at some of the techniques of data protection.

Techniques of Data Protection

Physical Protection: Any data present in non-digital format or stored on a media must be enclosed in secured location. For a small device or files, it can be stored within physical lock and key. The key must only be kept with authorized people. If the data is being transferred, ensure it is entrusted to reliable agencies / people.

Logical Protection: To protect data stored in the server or some other shared location, access control mechanisms must be established to restrict unauthorized access. Authorized people can then access the data using passwords. Apart from this, all the networks, servers, devices and databases must be protected by firewalls, anti-virus and / or anti-spyware programs. In case of data transmission, ensure reliable and secure data transmission channels are used and the data is encrypted and / or password protected.

Data Encryption: Sensitive data must be encrypted using techniques like cryptography, hashing, steganography, etc. Data encryption provides an extra layer of protection where in even if an unauthorized source tries to access the data, and succeeds in bypassing the access controls, the encryption will prevent him / her from accessing it. It is essential to encrypt backups taken on hard disks, USBs, etc.

Data Backup: Data may be lost due to various reasons like destruction of the device in which data is stored, corruption of data, theft, etc. It is hence essential to take regular backups of data so that even if the data is lost, it can be restored. The damage may not be completely avoided but can at least be reduced with the help of backups. But then again, this backup data must also be protected. The backup can be stored on a tape and / or disk. Also, the backup should be stored at a remote location so that if the main site is destroyed, the backup at remote location remains safe.

Data destruction: Data destruction is as important as data protection and backup. The data you wish to destroy may be obsolete to you but if it falls in the wrong hands, a lot of damage is plausible. An efficient data destruction technique must be adopted by organizations / individuals to ensure its safe disposal. Some of the commonly used techniques are as below
Shredding, burning, etc for data in paper form; cutting the cd / dvd in two parts for media; permanent deletion of digital files, etc. If a device is to be reused, ensure it is properly formatted before handing it over for reuse.

Data has literally become an organization’s backbone and it is essential to implement procedures in order to ensure the security of data. No technique is full proof; hence it is necessary to understand that by implementing data protection techniques one cannot guarantee the security of data. However, the damage done can be considerable reduced.

About Author:
Harish Mani is senior consultant and is important part of Systems Plus Pvt. Ltd. think Tank. He in Systems Plus actively contributes to technology and information security. He can be contacted atharish.m@spluspl.com

1 comment: