Data Security

The document outlines the definition, goals, and essential concepts of data security, emphasizing the importance of proper authentication, authorization, and auditing of data. It discusses various sources of data security requirements, risk classification, and the roles of information security teams in organizations. Additionally, it covers key terms, threats, vulnerabilities, and tools related to data security and network protection.

Data Security

What is Data Security?

Definition: the planning, development, and execution of security policies and procedures to provide proper authentication, authorization, access, and auditing of data and information assets.
Sources of Data Security Requirements
• Stakeholders
• Government regulations
• Proprietary business concerns
• Legitimate access needs
• Contractual obligations
Data Security Goals
• Enable appropriate, and prevent inappropriate, access to enterprise data assets.
• Understand and comply with all relevant regulations and policies for privacy, protection, and confidentiality.
• Ensure that the privacy and confidentiality needs of all stakeholders are enforced and audited.

Participants for data security
• Data Stewards
• Information Security Team
• Internal Auditors
• Process Analysts

Drivers for data security
• Risk Reduction
• Business Growth
• Security as an asset
Essential Concepts for Data Security
• Vulnerability, Threat, Risk, Risk Classification, Data Security Organization
• Security Process, Data Integrity, Encryption, Obfuscation or masking, Network Security Terms
• Types of Data Security: Restrictions, System Security Risks, Hacking/Hacker, Malware

Terms
• Vulnerability
A vulnerability is a weakness or defect in a system that allows it to be successfully attacked and compromised by exploits.
• Threat
A threat is a potential offensive action that could be taken against an organization. Threats can be internal or external. They are not always malicious.
• Risk
Risk refers both to the possibility of loss and to the thing or condition that poses the potential loss.
Risk Calculation

How do we calculate Risk?

• Probability that the threat will occur and its likely frequency
• Damage / type of damage, including damage to reputation
• The effect damage will have on revenue or business operations
• The cost to fix the damage after an occurrence
• The cost to prevent the threat, including by remediation of vulnerabilities

Risk Intersection Model


Risk Classification

CRD: Critical Risk Data
Personal information, which would not only harm individuals but would also result in financial harm to the company from significant penalties.
HRD: High Risk Data
HRD is actively sought for unauthorized use due to its potential direct financial value. HRD provides the company with a competitive edge.
MRD: Moderate Risk Data
Company information that has little tangible value to unauthorized parties; however, the unauthorized use of this non-public information would likely have a negative effect on the company.
Data Security Organization
The information security function depends on the size of the enterprise.
In large organizations:
• A dedicated information security team within the IT department.
• A Chief Information Security Officer (CISO) who reports to the Chief Executive Officer (CEO) or Chief Information Officer (CIO).
In small organizations:
Data security may be the responsibility of data managers, as there is no dedicated team.
The difference between information security and data management teams:
• Information security: focuses on technical aspects such as combating cyber.
• Data management teams: focus on regulatory and legal aspects.
NIST (National Institute of Standards and Technology)

Risk Management Framework:
• All enterprise information must be categorized.
• The location of all sensitive information must be known.
• An enterprise data model is essential.
Security Process: The 4 As and E
• Access
• Audit
• Authentication
• Authorization
• Entitlement
Data Integrity
In security, data integrity is the state of being whole, protected from improper deletion, alteration or addition.
Encryption
The process of translating plain text into complex codes to hide privileged information, verify
Four main methods of encryption:
• Hash: Uses algorithms
• Symmetric: same key for encryption and decryption (VPN, file encryption)
• Asymmetric: public key for encryption, private key for decryption.
Obfuscation or masking
What is Obfuscation?
The appearance of the data is changed.
There are two types of data masking, Persistent and Dynamic:
• Persistent data masking: permanently and irreversibly alters the data.
• Dynamic data masking: changes the appearance of data to the end-user system without changing the underlying data.
Masking Methods
• Substitution
• Shuffling
• Temporal variance
• Value variance
• Nulling or deleting
• Randomization
• Encryption
• Expression masking
• Key masking
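An added example (not from the slides) that puts the persistent/dynamic distinction and several of the listed masking methods into code: substitution, shuffling, value variance, nulling and expression masking. The customer records, field names and roles are constructed assumptions, not data from the page.

```python
import copy
import random

# Constructed sample records (assumption: fields and values are invented for this demo).
CUSTOMERS = [
    {"id": 1, "name": "Alice Moore", "email": "alice@example.com", "card": "4111111111111111", "salary": 52000},
    {"id": 2, "name": "Bob Stone",   "email": "bob@example.com",   "card": "5500000000000004", "salary": 61000},
    {"id": 3, "name": "Carol Diaz",  "email": "carol@example.com", "card": "340000000000009",  "salary": 47000},
]

def substitute(value, table):
    """Substitution: replace the real value with a plausible stand-in chosen deterministically."""
    return table[sum(map(ord, value)) % len(table)]

def expression_mask(card):
    """Expression masking: keep the last 4 digits, replace everything before them with '*'."""
    return "*" * (len(card) - 4) + card[-4:]

def value_variance(amount, rng, pct=0.10):
    """Value variance: perturb a number within +/- pct so aggregates stay roughly usable."""
    return round(amount * (1 + rng.uniform(-pct, pct)))

def shuffle_column(rows, field, rng):
    """Shuffling: permute one column across rows so values stay real but detach from their row."""
    values = [r[field] for r in rows]
    rng.shuffle(values)
    for r, v in zip(rows, values):
        r[field] = v

def persistent_mask(rows, seed=0):
    """Persistent masking: build a new dataset whose sensitive fields are irreversibly altered.
    Typical use is a copy handed to test or analytics environments."""
    rng = random.Random(seed)
    masked = copy.deepcopy(rows)
    stand_ins = ["Person A", "Person B", "Person C"]
    for r in masked:
        r["name"] = substitute(r["name"], stand_ins)
        r["email"] = None                        # nulling
        r["card"] = expression_mask(r["card"])
        r["salary"] = value_variance(r["salary"], rng)
    shuffle_column(masked, "card", rng)
    return masked

def dynamic_mask(row, role):
    """Dynamic masking: alter what a consumer sees at read time; the stored row is untouched.
    The role names are assumptions for the demo."""
    if role == "fraud_analyst":
        return dict(row)                         # privileged role sees the original
    view = dict(row)
    view["card"] = expression_mask(row["card"])
    view["email"] = None
    return view
```

Persistent masking is the right choice when the copy leaves the production trust boundary; dynamic masking suits a shared production database where a privileged role still needs the original.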
Common Terms of Network Security
• Backdoor: A hidden entry to a computer system that bypasses password requirements.
• Bot or Zombie: A workstation taken over by a Trojan, virus, phish or download of an infected file.
• Cookie: A small data file an internet commerce website installs on a computer's hard drive to identify returning visitors and their preferences.
• Firewall: Software and/or hardware that filters network traffic to protect against unauthorized access or attack.
• Perimeter: The boundary between an organization's systems and the outside.
• Virtual Private Network (VPN): Uses the unsecured internet to create an encrypted tunnel.
• DMZ: De-militarised Zone. Located between the perimeter firewall and a firewall between it and the internet.
Hacking/Hacker and Phishing
Hacking/Hacker
A hacker finds unknown pathways in complex computer systems. Hackers can be good or bad:
• A White Hat hacker (in Western movies the hero always wore a white hat) finds vulnerabilities, which are then fixed in patches.
• Malicious hackers intentionally breach systems to steal information or do damage.
Social Threats to Security / Phishing
Involves direct communication to trick people into providing confidential information (social engineering). Phishing is the call or message.
Malware
Any malicious software created to damage, change or improperly access a computer or network.
Adware: Spyware that slips into the computer from an internet download. It monitors browsing and buying habits. Not illegal.
Spyware: Any program that slips in without consent.
Trojan Horse: A malicious program that enters the system embedded in legitimate software.
Virus: A program that attaches itself to an executable file and delivers a destructive payload.
Worm: A program built to reproduce and spread across a network by itself. Usually harms networks by consuming bandwidth.
Malware Sources:
o Instant Messaging (IM)
o Social Networking Sites
o Spam
Data Security Tools
• Anti-Virus Software / Security Software
• HTTPS: when the web address begins with https://, a security layer is present
• Identity Management Technology
• Firewalls (Prevention)
• Intrusion Detection (IDS) and Prevention Software (IPS)
• Metadata tracking
• Data Masking/Encryption
Quiz
Question 1:

Which ONE of the following is one of the “Sources of Data Security”?
o Data Stewards
o Business Stakeholders
o Internal Auditors
o Process Analysts
Question 2:

Business growth of the organization is one of the reasons why the Data Security function is carried out.
o True
o False
Question 3:

Out-of-date security patches, untrained users, and unprotected software are examples of:
o A risk
o A threat
o A vulnerability
o All of the above
Question 4:

A potential offensive action (internal or external) that could occur against an organization is termed:
o A Risk
o A Vulnerability
o A Threat
Question 5:

Risks can be classified based on the nature of data.
o True
o False
Question 6:

Data such as organizational trade secrets, which provide a competitive edge over rivals, is classified as:
o Critical Risk Data (CRD)
o High Risk Data (HRD)
o Moderate Risk Data (MRD)
Question 7:

Personal information, which can be exploited, is classified as High-Risk Data (HRD).
o True
o False
Question 8:

Spyware, Adware, Trojan Horse, Virus and Worm are all examples of
Malware.
o True
o False
Question 9:

Malware that gets installed covertly when you install something else, and records the user's activities, is called:
o Adware
o Worm
o Trojan Horse
o Virus
o Spyware
Question 10:

A program that enters your computer disguised as legitimate software is called:
o Virus
o Trojan Horse
o Spyware
o Worm
Question 11:

A boundary that separates an organization's trusted network from external untrusted networks, such as the internet, is called:
o Firewall
o Perimeter
o DMZ (Demilitarized Zone)