Data security is the protection of digital data, such as those in a database, from destructive forces and the unwanted actions of unauthorized users such as your hackers and cyber-attacks.
Data security keeps your hackers away from confidential data. And if your security is not of good principles the hackers will get your data. According to research, over 30 million people in South-Africa’s data were breached. Personal detail like National ID numbers, names, addresses, genders, birth dates and ethnicities was leaked.
A question to ask is: What do hackers really want to do with your data?
There are 4 reasons to state this question.
1. Data Ransom:
Hackers want to steal your data so that they can hold it for ransom. This attack is called ransomware attack. Ransomware attack is of the fastest-growing types of cyber-attacks. Hackers execute ransomware by gaining unauthorized access to data, then encrypting it or moving it and charging a ransom in order to restore your access to it. Prevention of ransomware is to make sure that access to data is restricted by strong access controls. Like making frequent backups of data which can help.
2. Identity Theft:
3 Billion accounts worth of data were breached recently. Attackers can then exploit that personal information to break into other accounts, where they will attempt to steal identities and so on. To prevent this identity theft is to avoid using the same password for multiple accounts so that if the attacker steals your password for one service, the attacker won’t be able to use it to break into another account.
3. Stealing Infrastructure:
Servers and storage spaces are expensive. Hackers want to break into your system so they can get the stored data on your infrastructure, instead of paying for their own. To prevent this attack is to avoid exposing infrastructure to the public internet unless necessary. The less the attacker can see your infrastructure, they’ll be less likely to want to take control of it. Firewall can help, but a hacker will try to find a backdoor to gain access. Best practice is to limit your public-facing services.
4. Just Because:
Hackers unfortunately just want to steal data just to prove that they can. They are not motivated by monetary gain, access to free resources or the ability to steal your users’ identities. There is no way to respond to these types of attackers. You just need to follow simple data security best practices in general. Monitor your system for signs of attacks. Try avoiding unnecessary attack vectors.
Data Security is seen as of most important by the CIA triangle. Confidentiality, Integrity and Availability.
Confidentiality:
Most commonly type used is your encryption. It’s a process of encoding information in an unreadable type. Through my experience encryption in a system is a must. Hackers is just waiting for an opening to steal data from a company. So, implement encryption immediately when an application is deployed to the internet.
Integrity:
This ensures that only the correct people will be able to see privileged company information. Basically, seen as a permission for users who has access to certain parts.
Availability:
Means for an application to be up and available for use. Applications need to be dependable in order to be functional, which requires they be up and running whenever the organization is.
Published By: Duncan du Plessis