Data Security: Threats, Prevention & Recovery

Questions and Answers

Explain how poor information management can increase the risk of unauthorised data access.

Poor information management, such as insecure data storage, or excessive access rights, increases the likelihood of unauthorised individuals viewing sensitive data.

Describe the potential impact of accidental data loss on a company's operations and its compliance with data protection laws.

Accidental data loss can disrupt operations, delay processes, and lead to a breach of the Data Protection Act (2018) if personal data is involved, violating the principle of availability.

What steps should an organisation take after discovering that data has been intentionally destroyed by a malicious actor?

The organisation can replace the lost data and infected systems or choose to ignore the loss, while also having to recollect/re-analyze the lost data.

How might data tampering, such as altering financial records, impact a company's stakeholders and its public image?

Data tampering erodes trust, damages reputation, and may lead to legal repercussions, especially if it involves misrepresentation to investors or stakeholders.

Outline the possible consequences for an organisation if its intellectual property is stolen by a competitor.

Loss of competitive advantage, decreased impact of product launches, and potential financial losses could be the consequences.

If a user's credentials are stolen and they lose access to a paid online service, what broader impacts might this have on the service provider?

Users losing access may switch to alternative providers, harming the original service's reputation and customer base.

Describe the potential legal and reputational ramifications for an organisation that experiences a breach of confidential information.

Legal consequences under the Data Protection Act (2018), fines from regulatory bodies like the ICO, court cases, and a significant loss of reputation can occur.

What are the challenges and risks associated with storing third-party data, such as in cloud storage, and how can businesses mitigate these risks?

Risks include data breaches, service outages, and legal liabilities; mitigation involves robust security measures, data encryption, and clear contractual agreements. Choosing a reliable cloud storage provider is important.

Explain how data loss can lead to a significant loss of reputation for an organisation, and what steps can be taken to restore trust?

Data loss erodes trust, leading to customer attrition. Steps to restore trust include transparent communication, improved security measures, and compensation for affected parties.

Detail the possible financial and personal ramifications for an individual who becomes a victim of identity theft due to a data breach.

Victims may suffer financial losses from fraudulent transactions, damaged credit scores, and significant time and effort to resolve the identity theft issues.

In what ways could the loss of classified data threaten national security, and what types of information are most critical to protect?

Compromised military plans, security vulnerabilities, and government strategies could be exploited by adversaries, necessitating robust protection of such critical data.

Why is it important to clearly assign specific staff members to be responsible for certain types of data within an organisation?

It ensures accountability, clarifies roles, and makes individuals responsible for data loss, enhancing overall protection.

Explain why limiting the number of staff who have access to sensitive data can reduce the risk of data loss or tampering.

It minimizes the potential for accidental or intentional data breaches and unauthorized access, reducing the attack surface.

What are the key elements that should be included in a comprehensive disaster recovery policy to effectively protect data?

Risk analysis, preventive measures, staff training, contingency plans, recovery measures, and policy updates are key elements.

How can organisations assess the effectiveness of their data protection measures and identify potential vulnerabilities?

Regular risk assessments, security audits, training drills, and testing of security measures can identify weak points.

What are some examples of cost impacts that organisations may face when implementing and maintaining strong data security measures?

Software costs (e.g., firewalls), hardware costs (e.g., secure storage), training costs, and security staff costs are examples.

Explain how physical security measures like shredding documents and using locks can contribute to overall data protection.

Shredding prevents unauthorized access to sensitive paper documents, while locks restrict physical access to secure areas.

Describe how logical protection measures such as strong passwords, anti-malware software, and firewalls help secure computer systems and data.

Strong passwords prevent unauthorized access, anti-malware software removes threats, and firewalls block unauthorized network traffic.

How does encryption protect data, both when it is stored and when it is being transmitted across a network?

Encryption converts data into an unreadable format (ciphertext), securing it both at rest and in transit, only authorized systems with a decryption key can understand.

Explain the purpose of tiered levels of access in data security and provide examples of different access levels.

Tiered access grants different permissions to users, such as no access, read-only, and read/write, ensuring only authorized personnel can modify data.

Flashcards

Unauthorized Data Access

Viewing data without proper authorization, potentially due to espionage or poor information management.

Accidental Data Loss

Irretrievable loss of original data due to equipment failure, technical errors, or human mistakes.

Intentional Data Destruction

Purposely damaging an organization by deleting data or denying access, including viruses, DDOS attacks, or ransomware.

Intentional Data Tampering

Changing data, making it inaccurate, through fraudulent activity like hacking or tampering with financial records.

Loss of Intellectual Property

Loss of designs, inventions, and creative works, impacting competitive advantage and future announcements.

Loss of Service and Access

Inability to access services due to stolen usernames/passwords or malicious attacks like DDOS, leading users to seek alternatives.

Breach of Confidential Information

Exposure of highly sensitive information leading to a loss of reputation, legal consequences, and penalties from regulatory bodies.

Loss of Third-Party Data

Losing data stored for others, impacting trust, reputation and potentially leading to legal action.

Loss of Reputation

Customers lose trust in an organization and go to their competitors.

Identity Theft

Using stolen personal information for fraud and impersonation, leading to financial loss and credit issues.

Threat to National Security

Compromised classified data leads to harm to a country.

Staff Responsibilities

An organization must have adequate and effective measures in place so that staff can confidently handle data.

Disaster & Recovery Planning

A detailed and efficient plan in the event of data loss due to disaster.

Before the disaster

Analyzes risks, takes security measures and trains stuff.

During the disaster

Staff should follow their training and protect the data.

After the disaster

Follow Recovery measures.

Assessment and Effectiveness

Testing the security measures in place, they can identify any weak-points and fix those highlighted vulnerabilities to minimise the possibility of external and internal data intrusion.

Logical protection

Digital methods of security to protect computer systems and data.

Firewall

Prevents unauthorized access to or from a network.

Tiered Levels of Access

To grant different types of permissions to certain users.

Study Notes

• These notes cover various aspects of data security, including unauthorized access, data loss, intentional destruction/tampering, loss of intellectual property/service/access, breaches of confidential/third-party data, loss of reputation, identity theft, and threats to national security.
• They also include staff responsibilities, disaster recovery planning, assessment and effectiveness of security measures, physical security measures (shredding, locks, backups, biometrics, security staff), and logical protection (usernames/passwords, anti-malware, firewalls, encryption, tiered access levels, obfuscation).

Unauthorized Access to Data

• Data should only be viewed by authorized individuals to maintain confidentiality.
• Espionage and poor information management are primary causes of unauthorized data access.
• Espionage involves collecting data for use against an organization, like a competitor gaining pre-launch information about a rival's product.
• Poor information management includes insecure data storage or excessive access to sensitive information.
• Unauthorized access can benefit competitors and violate the Data Protection Act (2018) if personal data is involved.

Accidental Loss of Data

• Data loss refers to the irretrievable loss of original data, not just copies.
• Equipment failure or technical errors (database crashes, hard drive failures) can lead to data corruption and loss.
• Human error, such as accidentally deleting files or discarding important documents, is another cause.
• Data loss can nullify hours of data entry and collection efforts and delay dependent processes like analysis and trend recognition.
• Loss of personal data breaches the availability principle and the Data Protection Act (2018).

Intentional Destruction of Data

• This involves purposely damaging an organization by deleting or denying access to data.
• Examples include viruses, DDOS attacks, and ransomware.
• Ransomware encrypts files, requiring a fee for decryption and access.
• Organizations can respond by replacing data and infected systems or ignoring the loss while recollecting/reanalyzing data.
• Data destruction can lead to a loss of customer trust, decreased profits, and reputational damage.
• Failure to report breaches can result in significant trust loss, as seen with Yahoo's delayed confirmation of a massive 2013 data breach affecting 3 billion accounts.

Intentional Tampering with Data

• Occurs when data is changed, resulting in inaccuracy.
• Includes fraudulent activities, such as hacking and altering webpage information or manipulating financial data.
• Data tampering results in a loss of reputation due to a lack of trust in data accuracy.
• Altering personal data violates the integrity principle.
• Data security methods must be reviewed, and employees involved may face termination and legal action.

Loss of Intellectual Property

• Intellectual property includes designs, developments, and creations of an organization or individual.
• Examples range from manuscripts and artwork to primary data, blueprints, and analysis reports.
• The impact of loss depends on the property and the ease of recreating or recollecting it.
• Stolen intellectual property can benefit competitors, and leaked announcements lose their impact.
• In 2017, HBO experienced property leaks when Game of Thrones episodes were stolen, leading to online piracy.

Loss of Service and Access

• Stolen usernames and passwords can prevent users from accessing paid services.
• Hackers can change account settings and lock out original account owners.
• DDOS attacks can target services so users cannot log in to webpages or online services.
• Users may switch to alternative providers if services are disrupted.

Breach of Confidential Information

• Confidential information is highly sensitive and requires strong protections to maintain integrity.
• A breach of confidential information leads to a loss of reputation and legal consequences under the Data Protection Act (2018).
• Penalties from the Information Commissioner's Office (ICO) may occur for failing to protect personal data.

Loss of Third Party Data

• Organizations store data for themselves and third parties like cloud storage providers.
• Hacking or outages can cause data loss for customers, leading to anger, loss of trust, and legal proceedings.
• Larger businesses use private cloud storage in self-maintained data centers to avoid third-party reliance.

Loss of Reputation

• Organizations build reputations on customer trust over years.
• Data loss can quickly destroy reputation, causing customers to seek competitors.
• Failing to keep data safe breaches moral and legal obligations, leading to reduced earnings and sales.

Identity Theft

• Stolen personal information can lead to identity theft.
• The attacker uses the victim’s data for fraud or impersonation.
• Victims may experience financial loss from unauthorized loans, purchases, or services.
• Credit checks can be affected, leading to future financial difficulty.

Threat to National Security

• Loss of classified data (military arrangements, security weak-points, government plans) to malicious entities can have disastrous consequences.
• Foreign spies or terrorists could use information to target vulnerable locations.
• Economic threats may arise from stolen or redirected funds.

Staff Responsibilities

• Staff members spend significant time handling data, so companies need effective protection measures.
• Assigning specific staff to manage types of data ensures accountability.
• Access rights to sensitive information should be limited to those who need it for their job role.
• Training should cover basic data security techniques and protection from unauthorized access and loss.

Disaster & Recovery Planning

• Crucial to have a detailed disaster recovery policy in case of data loss.
• Disasters include natural events, hardware/software failures, and malicious damage.
• Before the disaster: analyze risks, implement preventive measures, and train staff.
• During the disaster: staff follow training, implement contingency plans like cloud uploads or secure backups.
• After the disaster: recover using backups, replace hardware, reinstall software, and update disaster recovery policies.

Assessment and Effectiveness

• Organizations should conduct periodic security risk assessments.
• Training drills prepare the company for potential disasters or data loss.
• Testing security measures identifies weak points for remediation.
• Cost impacts include expenditures on security software, hardware, training, and security personnel.
• RFID is used by IT companies to track equipment and manage access.

Physical Security Measures

• Include shredding, locks, backups, biometrics, and security staff.
• Shredding: Cutting up documents to prevent reassembly and reading.
• Locks: Prevent access to server rooms and sensitive stores.
• Backups: Regularly taken and stored securely offsite or on cloud servers.
• Biometrics: Uses human characteristics to grant access.
• Security Staff: Prevent unauthorized access and monitor secure areas.

Logical Protection

• Involves using digital methods to protect systems and data.
• Usernames & Passwords: Match usernames with secure passwords. Passwords should be complex and changed regularly.
• Anti-Malware: Scans systems and removes viruses and spyware.
• Firewall: Prevents unauthorized access to or from a network by filtering data packets. Implemented via hardware or software.
• Encryption: Converts data into an unreadable format using encryption at rest (stored data) and in transit (transferred data).
• Tiered Levels of Access: Grant different permissions: no access, read-only, or read/write.
• Obfuscation: Deliberately changes data to be unreadable to humans but still understandable by computers.