Recent breaches of Personal Identifiable Information (PII) highlight the failure of technical mitigation to prevent external threats. Whenever you send personal information across the internet, be it passwords, credit card information or personal contact details, encryption stops others from seeing what you are doing. Data is jumbled up in a manner so that when it travels through the internet it is completely unreadable, this stops hackers who may intercept the data from seeing what you’re doing. Cryptography is the process which meres words with letter, numbers and images to be viewed by the public, while not revealing the meaning of the message. Once a message has been encrypted it is secure to transmit or to remain at rest. The …show more content…
The first phase is data in motion, which is data being transmitted over a network, generated, updated, erased, or viewed. Next, data at rest, ie… data storage area, tablets, laptops or on desktops, mobile phones, and Iot devices.
Each presents unique challenges. And each may have different tools and methodologies that can be used to secure it.
Data in motion, as stated earlier, is literally data streaming from one place to another and can use many different types of networks to include the internet or email. Since a network contains many nodes where different clients are connected to the same network.
The most common method of protecting data in motion is the use of a secure sockets layer virtual private network (SSL VPN). Technologies such as SSL VPN are critical in the effort to protect against man-in-the-middle attacks and packet sniffers. (this is an entire paper by itself).
Encryption types for data-at-rest include the following:
Full Disk Encryption (FDE) for endpoint protection
Full Disk Encryption with Pre-Boot Authentication (FDE w/ PBA) for endpoint protection
Hardware Security Module (HSM) for key management lifecycle protection
Encrypting File System (EFS) for storage protection
Virtual Encryption for storage protection
File and Folder Encryption (FFE) for unstructured data protection
Database Encryption for structured data protection Data-in-use is the hardest to protect, it has to be decrypted and therefore exposed in order
The most secure networks are those that incorporate a virtual area network. This allows updating of information by employees and approvals or verification of those updates by authorized personnel. Access to this information calls for password and username protection by way of 128-bit encryption standards. If further, more detailed information would need updating or change, an authorized person will be required to input their information, including fingerprints. This is called multi factor authentication.
Data in flight refers to which the data moves through communication media like copper wires . Encrypting data-in-flight involves encrypting the data stream at one point and decrypting it at another point ,the data will be remaining for long periods of time .Information passes through the computer network, in local means data travelling across Ip based networks.
1, Distinguish data from information and describe the characteristics used to evaluate the value of data?
Pressures are mounting for organizations to implement encryption solutions. With the staggering costs of data loss, encryption projects are on the rise. Using encryption as a tool to protect information and prevent data loss is certainly not a new tactic. Data breaches are happening every day, around the world. So why is it important today? Using encryption as a tool to protect information and prevent data loss is not a new tactic (Skinner , Eric, 2008) . There are many reasons now that make encryption more important than ever. Data being breached is happening everyday around the world. There isn’t a day that doesn’t go by that I don’t hear something in the news about something being breached. Or information being leaked and every year breaches are becoming more costly. There are several types of data encryption used in today’s world. Some of these are file and folder encryption, e-mail encryption, full-disk encryption, mobile data encryption, cloud encryption, and application encryption.
If personal data is required for a use, it should be secured. Millions of people use the internet basically everyday. The issue of information security and data privacy is assuming tremendous importance among global organizations and particularly in an environment marked by computer virus and terrorist attacks. As crucial information of a financial, insurance, medical and personal nature begins to get handled by remotely located offshore outsourcing service providers, there is a growing concern about the manner in which it is being collected, stored and utilized. But luckily the government is taking action by the following, “Government and law enforcement officials contend that access to such information spurs rapid identification of criminals, helping to combat credit fraud, terrorism, and illegal immigration” (Privacy).
A Systems Approach to Conduct an Effective Literature Review in Support of Information Systems Research
Authentication is defined by Essentials Guide as is the process of determining whether someone or something is, in fact, who or what it is declared to be.
According to identitytheft.info, almost 15 million Americans have their identity used fraudulently due to information leaks and information insecurities. With the growing dependency on computer systems to store confidential information across the world, it is only necessary that that the information be protected by strong security systems which include both hardware and software so that both the businesses and the consumers feel safe in the transportation of information over the inter-webs. Contemporary Information security systems use many different components involving both hardware and software
In information security, computer security and network security an Asset is any data, device, or other component of the environment that supports information-related activities. Assets generally include hardware (servers and switches), software (e.g. mission critical applications and support systems) and confidential information. Assets should be protected from illicit access, use, disclosure, alteration, destruction, and/or theft, resulting in loss to the organization. Security assets are quite helpful for large or small companies and have many different ways of protecting one’s information.
Overall information systems hardware, software, networks and data resources need to be protected and secured to ensure the effective performance of an organization. One security technique used by organizations to protect their computer systems from security threats is encryption this is a method used by organizations to send data to others it works by using special mathematical algorithms to convert the data into scrambled code before transmission and when the data is received it is decoded when an authorized user accesses it. In my opinion, this is very effective because it stops people from being able to read or use data if they intercepted it as the is in a scrambled letter and number form. Another security technique is a firewall this
Traffic encryption techniques such Socket Layer and Transport Layer Security (TLS) for security are commonly used.
It is more secure and versatile than having all administrations packaged in a solitary layer.
With the increasing popularity of the Internet, new technologies have introduced to provide secure access to the resources from remote clients. Virtual Private Networks are becoming the most universal method for remote access. They enable service provider to take advantage of the power of Internet by providing a private tunnel through the public cloud to realize cost savings and productivity enhancements from remote access applications. VPNs securely convey information across the Internet connection to remote users, branch offices and business partners into an extended corporate network. This paper is an attempt to provide an overview of VPN and its services and how the
Encryption of stored data is another technique intended to be applied. This technology is set to counter threats associated with third party storage providers, where by the data and information stored is rendered unusable without an encryption key. This will enhance the security of data even when in the hands of other storage providers hence protecting critical information from external attack.
Data transfer is basically what bandwidth is all about. It’s transferring the data, so to make it easier to remember and to make it obvious what it’s all about.