The data that organizations hold is very important for their success. Unfortunately, your organization data may also hold importance to other organizations/ individuals. As a security professional you need to make sure that it is secure from unauthorized access.

Data Security can be defined as the protection of data from unauthorized (accidental or intentional or unintentional or malicious) modification, destruction, or disclosure. We can also define Data Security as the means protecting a database from destructive forces and the unwanted actions of unauthorized users.

Data Protection

The first thing an organization needs to do is figure out what sensitive data they possess, what is it's utility, and where it is located. Secondly, the organization needs to make sure that they segregate the important data. As a security professional, you need to minimize the storage of sensitive data to as few a devices as possible, and ensure that those devices are isolated from the network and the rest of the data. Maintainence of security information thus becomes easier.

Disk Encryption

Disk encryption refers to encryption technology that encrypts data on a hard disk drive. It is a process that ensures that files are always stored on a disk in an encrypted form. The files stored on the disk are available to the operating system and applications in readable form while the system is running and unlocked by a trusted user. Reading the encrypted sectors without permission will return garbled random-looking data instead of the actual files.

Data Masking

Data masking is the process of obscuring or masking specific data elements within data stores. We use data masking strategies and techniques to obscure or de-identify specific data within a database table or flat file ensuring the data security is maintained and sensitive customer information is not leaked outside the authorized environments. The data masking algorithms are applied across multiple tables, applications and environments, so, referential and business integrity will always be maintained. Other terms for "data masking" may include: data obfuscation, data scrambling, data anonymization and data cleansing.

Data Encryption VS Data Masking

As a data security professional there lies a common misconception that data encryption is a form of data masking.

As we know, encryption is a process for securing communications from unauthorized eavesdropping. On the other hand data masking is a process or method used to protect the content of data in environments other then production while ensuring the referential integrity of the original production data is maintained. Since the only purpose is to protect the data with no aim to re-construct the original data, we should see the process of data masking to be irreversible.

Data Erasure

Data erasure, also known as, data clearing or data wiping is a software-based method of overwriting data that completely destroys all electronic data residing on a hard disk drive or other digital media. When media is erased it is also said to be sanitized. In the military or government terms, data erasure means to erase information from the media so that it is not retrievable using routine OS (operating system) commands or available recovery software products.

If you fail to erase data properly it could result in:

  • Identity theft
  • Government and/or civil liability
  • Fines or lawsuits
  • Damage to an organization’s reputation
  • Loss in consumer confidence

Destroying data can be challenging. Even damaged hard drives still contain data which can be recovered by experts. In order to ensure that data is completely destroyed beyond recovery, it is imperative to use a secure method of data erasure.

Methods of Data Destruction

The following are most commonly used methods of data destruction:

  • Delete
  • Degauss
  • Physical destruction
  • Software Overwrite

Delete

All Delete and Format commands (even with switches such as Format C: /D) affect only the File Allocation Table (FAT) and does not actually erase any data.  Until the “deleted” data is overwritten with other data, it still exists and poses a significant danger to any organization. Deleting/formatting data is an extremely ineffective method of data destruction and should be avoided.

Degaussing

When we degauss, the process involves using a machine that produces a strong electromagnetic field to destroy all magnetically recorded data. This process of data destruction was effective in the past as a strong electromagnetic field was not needed to destroy data. However, with the use of modern hard drives, a much stronger electromagnetic field is required in order to ensure a complete erasure. There is no way to guarantee that a particular degassing machine will do a thorough job and therefore poses a security risk.

Physical Destruction

When we use the process of physical destruction, hard drives and other storage media are usually shredded into tiny pieces by large mechanical shredders/machines. This is considered an effective way of destroying data and preventing data. Drilling holes in a hard drive is another method of physical destruction. It is important to remember that mechanical shredding, drilling and hammering don’t actually destroy data but make the drive inoperable preventing data recovery.

Software Overwrite

A software based data destruction process involves using a special application or software program to write patterns of meaningless data onto each of the hard drive’s sectors. This process works by overwriting the data with a combination of 1’s and 0’s. The level of security depends on the number of times the entire hard drive is written over. This process is also known as zeroization.
 


We provide CISM training programs in the following cities:
 

HYDERABAD
CHENNAI
KOLKATA

Duration and Fees for Our Online Cyber Security Training

Cyber Security training programs usually last from a few weeks to several months, with fees varying depending on the program and institution

Program NameDurationFees
Executive Certificate Program in Cybersecurity

Cohort Starts: 28 Nov, 2024

7 months$ 2,499
Professional Certificate Program in Cybersecurity

Cohort Starts: 4 Dec, 2024

20 weeks$ 3,500
Caltech Cybersecurity Bootcamp

Cohort Starts: 13 Jan, 2025

6 Months$ 8,000
Cyber Security Expert Masters Program4 months$ 2,599

Learn from Industry Experts with free Masterclasses

  • The Future of Ethical Hacking: New Tools, Techniques, and Trends

    Cyber Security

    The Future of Ethical Hacking: New Tools, Techniques, and Trends

    18th Sep, Wednesday9:00 PM IST
  • CEH vs. CISSP vs CompTIA Security+: Which Certification is Right for Your Career?

    Cyber Security

    CEH vs. CISSP vs CompTIA Security+: Which Certification is Right for Your Career?

    11th Jul, Thursday9:00 PM IST
  • Bad, Good, and Best Password Practices: Preventing Dictionary-Based Attacks.

    Cyber Security

    Bad, Good, and Best Password Practices: Preventing Dictionary-Based Attacks.

    29th May, Wednesday7:00 PM IST
prevNext