kras99 – stock.adobe.com
The most important aspect of any company’s cybersecurity strategy revolves around how to keep enterprise data protected and how to prevent data loss. This includes data at rest, in transit and in use.
Data security technologies come in a variety of forms, including the following:
Each of these has the same goal: keeping data safe and protected.
Data security refers to the practice of protecting data from theft, loss or unauthorized access throughout its lifecycle.
Data breaches are a continuing issue for organizations. A ThoughtLab report found a 15.1% rise in the number of data breaches and cyber attacks in 2021 over 2020. Data breaches not only expose enterprise data, but also open companies up to lawsuits and fines.
Data security practices, policies and technologies are also key to keeping internal users from conducting inappropriate actions with any data.
Data security is important because it helps with the following:
The last point is significant because organizations have a variety of industry and federal regulations with which to comply, from GDPR and CCPA to the Sarbanes-Oxley Act and PCI DSS.
Data security is paramount because attackers relentlessly look for any and all vulnerabilities to infiltrate corporate networks. To keep data properly protected, enterprises can use the following seven technologies.
A firewall is the initial security layer in a system. It is designed to keep unauthorized sources from accessing enterprise data. A firewall serves as an intermediary between a personal or enterprise network and the public internet. Firewalls use pre-configured rules to inspect all the packets entering and exiting a network and, therefore, help stop malware and other unauthorized traffic from connecting to devices on a network.
Different types of firewalls include the following:
Two processes are used to ensure only appropriate users can access enterprise data: authentication and authorization.
Authentication involves users providing proof that they are who they claim to be. This proof can be providing a secret, such as password or PIN, or biometric authentication. Depending on the authentication scenario, users may be required to provide one or more additional factors when signing in, known as two-factor authentication or multifactor authentication (MFA). Step-up authentication maybe also be required if a user attempts a more restricted action after successfully logging in initially.
Examples of authentication are the following:
Once users have proven their identity, authorization determines whether the user has the appropriate permissions to access and interact with specific data. By authorizing users, they gain permissions within the system to read, edit and write different resources.
Examples of authorization are the following:
Data encryption converts data into coded ciphertext to keep it secure at rest and while in transit between approved parties. Encrypting data ensures only those who have the proper decryption key can view the data in its original plaintext form. Encrypted data is meaningless if captured by attackers.
Examples of data encryption are the following:
Keeping data at rest protected involves endpoint encryption, which can be done via file encryption or full-disk encryption methods.
Data masking obscures data so that, even if criminals exfiltrate it, they can’t make sense of what they stole. Unlike encryption, which uses encryption algorithms to encode data, data masking involves replacing legitimate data with similar but fake data. This data can also be used by the company in scenarios where using real data isn’t required, such as for software testing or user training.
Tokenization is an example of data masking. It involves replacing data with a unique string of characters that holds no value and cannot be reverse-engineered should it be captured by bad actors.
Other examples of data masking are the following:
Hardware-based security involves physical protection of a device rather than relying solely on software installed onto the hardware. Because attackers target every IT layer, companies need protections built into the silicon to ensure hardened devices.
Examples of hardware-based security are the following:
Hardware-based security often runs isolated alongside the main processor, such as with Apple’s Secure Enclave.
Organizations should save multiple copies of data, especially if they want to fully recover following a data breach or other disaster. With data backups in place, companies can resume normal business functions faster and with fewer hiccups. To ensure data resilience, organizations need protections in place to keep the backed-up data secure and ready for use.
One example of data backup protection is data vaulting, which creates air-gapped versions of backed-up data. Organizations should also follow a 3-2-1 backup strategy, which results in at least three saved copies of data in different locations.
Other types of data backup protection include the following:
It is important organizations properly delete data and ensure that deleted data is not recoverable. Known as data erasure, this process involves completely overwriting stored data so that it cannot be recovered. Also known as data destruction, data erasure often involves turning data illegible after erasing it.
Organizations must be able to properly destroy data, especially in the wake of regulations such as GDPR, which stipulate customers can request the erasure of their personal data.
Other types of data erasure include the following:
Juniper has added three features to its AIOps networking assistant to improve troubleshooting and give more insights into the …
A Florida man has been charged with running a counterfeit operation that duped hospitals, schools, government agencies and the …
Vendors are pushing heavily on the benefits of predictive analysis to automatically identify and remediate network issues. But …
The credit union, one of the nation’s largest, is using the Salesforce platform to deploy chatbots that can handle a growing set …
The pandemic has sent many enterprises into survival mode, which altered the scope of the enterprise architect’s role once again,…
Bellabeat is a women’s health company that has added a private key encryption feature for app users to better protect their data.
PC manufacturers shipped fewer than 80 million computers for the first time in seven quarters as low demand and supply chain …
The PC-as-a-service and device-as-a-service market is still developing and maturing, so organizations should learn who the major …
When organizations consider upgrading to Windows 11, they need to compare the Windows 11 system requirements to their existing …
SaaS licensing can be tricky to navigate, and a wrong choice could cost you. To get it right, examine the different types of …
Walmart built its own cloud platform and tied it to two public cloud providers, creating a multi-cloud architecture that saved …
FinOps promises to help organizations gain more value from their technology spending, especially in the cloud. Do you have the …
Integrated cloud communications platform provider announces availability of communications management service in bid to allow …
Altnet connects more than six-digit amount of new-build homes to its full-fibre network in UK and announces agreements to connect…
A high-profile case brought by NHS whistleblower Chris Day raises questions about the adequacy of information governance …
All Rights Reserved, Copyright 2000 – 2022, TechTarget
kras99 – stock.adobe.com