1. Data breaches
• Data breaches, which occur when data is accessed in an unauthorized manner, are a major
concern for organizations of all shapes, sizes and industries.
• Data breaches are attributed to a number of cyber incidents, including the following:
• accidental leaks or exposures
• phishing attacks
• distributed denial-of-service attacks
• physical breaches
• lack of access controls
• backdoors
2. Types of data security
• Before an organization can secure data, it has to know what data it has.
• This is where a data inventory -- a record of all the data created, used and stored by a
company -- is key. The process starts with data discovery, or learning what and where the
data is.
• Data classification follows, which involves labeling data to make it easier to manage, store
and secure. The four standard data classification categories are as follows:
• public information
• confidential information
• sensitive information
• personal information
3. A few data security technologies
• Because no single form of data exists, no single magic-bullet technique can
secure all data. A defense-in-depth data security strategy is made up of a
combination of tools, techniques and policies. Must-have data security
technologies include the following:
• Encryption
• Data masking
• Access control
• Data loss prevention (DLP)
• Data backup and resiliency
5. Encryption
• Encryption is the process of converting readable plaintext into unreadable ciphertext using an
encryption algorithm, or cipher. If encrypted data is intercepted, it is useless as it cannot be
read or decrypted by anyone who does not have the associated encryption key.
• Symmetric and asymmetric encryption are the two commonly used types of encryption:
• Symmetric encryption uses a single secret key for both encryption and decryption. The
Advanced Encryption Standard is the most commonly used algorithm in symmetric key
cryptography.
• Asymmetric encryption uses two interdependent keys: a public key to encrypt the data and a
private key to decrypt the data. The Diffie-Hellman key exchange and Rivest-Shamir-Adleman
are two common asymmetric algorithms.
6. Data masking
• Data masking involves changing data so it cannot be read. Masked data looks similar
to the authentic data set but reveals no sensitive information.
• Legitimate data is replaced so the masked data maintains the characteristics of the
data set as well as referential integrity across systems, thereby ensuring the data is
realistic, irreversible and repeatable.
• Below are some common data masking techniques:
• substitution
• shuffling
• variance
• masking out
• nullifying
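The five techniques listed above, applied to two constructed tables that share a join key. This is an added example, not part of the original slides; the table layout, field names and the use of HMAC-SHA256 for repeatable substitution are assumptions chosen for illustration.

```python
import hashlib
import hmac
import random

# Constructed sample rows: two systems that share customer_id as a join key.
CUSTOMERS = [
    {"customer_id": "C1001", "ssn": "123-45-6789", "salary": 72000, "zip": "10001", "notes": "VIP"},
    {"customer_id": "C1002", "ssn": "987-65-4321", "salary": 58000, "zip": "60614", "notes": "late payer"},
    {"customer_id": "C1003", "ssn": "555-12-3456", "salary": 91000, "zip": "94105", "notes": ""},
]
ORDERS = [{"order_id": 1, "customer_id": "C1002"},
          {"order_id": 2, "customer_id": "C1001"},
          {"order_id": 3, "customer_id": "C1002"}]

def keyed_digest(key: bytes, value: str) -> bytes:
    """HMAC-SHA256: repeatable for one key, not reversible without it."""
    return hmac.new(key, value.encode(), hashlib.sha256).digest()

def substitute_id(key: bytes, customer_id: str) -> str:
    """Substitution: the same real ID always maps to the same fake ID."""
    return "C" + keyed_digest(key, customer_id).hex()[:12]

def mask_out(ssn: str) -> str:
    """Masking out: keep the last four digits, hide the rest."""
    return "***-**-" + ssn[-4:]

def vary(key: bytes, row_id: str, amount: int, pct: int = 10) -> int:
    """Variance: shift a number by a keyed offset within +/- pct percent."""
    span = int.from_bytes(keyed_digest(key, "var:" + row_id)[:4], "big") % (2 * pct * 100 + 1)
    return round(amount * (1 + (span - pct * 100) / 10000))

def mask_customers(key: bytes, rows: list[dict]) -> list[dict]:
    zips = [r["zip"] for r in rows]
    random.Random(key).shuffle(zips)      # Shuffling: same values, reassigned across rows
    return [{
        "customer_id": substitute_id(key, r["customer_id"]),
        "ssn": mask_out(r["ssn"]),
        "salary": vary(key, r["customer_id"], r["salary"]),
        "zip": z,
        "notes": None,                    # Nullifying: free text is dropped entirely
    } for r, z in zip(rows, zips)]

def mask_orders(key: bytes, rows: list[dict]) -> list[dict]:
    """Masks the join key with the same function, so orders still join to customers."""
    return [{**r, "customer_id": substitute_id(key, r["customer_id"])} for r in rows]
```

The masking key has to be stored as carefully as the original data: anyone holding it can recompute the substitution for a guessed ID and re-identify rows.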
7. Access control
• Access control involves two main processes:
• Authentication is the process of ensuring users are who they say they are.
• Authorization is the process of ensuring authenticated users have access to the necessary data
and resources.
• Authentication and authorization are components of an enterprise identity and access
management (IAM) strategy.
• Other fundamental IAM processes and techniques include multifactor authentication (MFA),
principle of least privilege access, role-based access control and privileged access management.
• Also important is following password hygiene best practices, such as setting minimum password
lengths, requiring unique passwords and considering regular password changes.
8. Data loss prevention
• An integral tool for any enterprise security strategy is a DLP platform.
• It monitors and analyzes data for anomalies and policy violations.
• Its many features can include data discovery, data inventory, data
classification and analysis of data in motion, at rest and in use.
• Many DLP tools integrate with other technologies, such as SIEM
systems, to create alerts and automated responses.
9. Data backup
• Data backup involves creating copies of files and databases to a
secondary, and often tertiary and quaternary, location.
• If the primary data fails, is corrupted or gets stolen, a data backup
ensures it can be returned to a previous state rather than be
completely lost.
• Data backup is essential to disaster recovery plans.
10. Data Security Best Practices
• An organization can take several steps in addition to the data security technologies above to
ensure robust data security management.
• External and internal firewalls: Using external and internal firewalls ensures effective data
protection against malware and other cyberattacks.
• Data security policy: An organization should adopt a clear and comprehensive data security
policy, which should be known by all staff.
• Data backup: Practicing backup of all data ensures the business will continue uninterrupted
in the event of a data breach, software or hardware failure, or any type of data loss. Backup
copies of critical data should be robustly tested to ensure adequate insurance against data
loss. Furthermore, backup files should be subjected to equal security control protocols that
manage access to core primary systems.
• Data security risk assessment: It is prudent to carry out regular assessments of data security
systems to detect vulnerabilities and potential losses in the event of a breach. The
assessment can also detect out-of-date software and any misconfigurations needing redress.
11.
• Quarantine sensitive files: Data security software should be able to frequently categorize
sensitive files and transfer them to a secure location.
• Data file activity monitoring: Data security software should be able to analyze data usage
patterns for all users. It will enable the early identification of any anomalies and possible
risks. Users may be given access to more data than they need for their role in the
organization. This practice is called over-permission, and data security software should be
able to profile user behavior to match permissions with that behavior.
• Application security and patching: This relates to the practice of updating software to the
latest version promptly as patches or new updates are released.
• Training: Employees should continually be trained on the best practices in data security.
This can include training on password use, threat detection, and social engineering
attacks. Employees who are knowledgeable about data security can enhance the
organization’s role in safeguarding data.
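One way to carry out the over-permission check described under data file activity monitoring, added here as an example that is not part of the original slides. The grant table, the log line format and all user names and paths are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data: folders each user is granted, and a file access log.
GRANTS = {
    "alice": {"/finance/payroll", "/finance/invoices", "/hr/records"},
    "bob": {"/eng/source", "/eng/builds"},
}
ACCESS_LOG = """\
2024-05-01T09:12:03Z alice READ /finance/payroll/2024-04.xlsx
2024-05-01T09:15:40Z bob READ /eng/source/main.c
2024-05-02T11:02:10Z alice WRITE /finance/invoices/inv-881.pdf
2024-05-02T14:30:55Z bob READ /hr/records/salaries.csv
2024-05-03T08:01:12Z bob WRITE /eng/source/util.c
"""

def parse_log(text):
    """Yield (user, action, path) from 'timestamp user action path' lines."""
    for line in text.splitlines():
        parts = line.split(maxsplit=3)
        if len(parts) == 4:               # skip blank or malformed lines
            _ts, user, action, path = parts
            yield user, action, path

def covering_grant(grants, path):
    """Return the granted folder that contains path, or None."""
    return next((g for g in sorted(grants)
                 if path == g or path.startswith(g + "/")), None)

def review_permissions(grants, log_text):
    """Compare what users may access with what they actually accessed.

    Returns (unused, outside): grants never exercised in the log window
    (over-permission candidates) and accesses that no grant covers.
    """
    used = defaultdict(set)
    outside = []
    for user, action, path in parse_log(log_text):
        grant = covering_grant(grants.get(user, set()), path)
        if grant is None:
            outside.append((user, action, path))
        else:
            used[user].add(grant)
    unused = {u: sorted(g - used[u]) for u, g in grants.items() if g - used[u]}
    return unused, outside
```

Unused grants are candidates for review rather than automatic removal, since a short log window can miss access that is legitimate but rare, such as quarter-end reporting.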