Chapter 15 - 01 - Understand Data Security and its Importance - 02_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Data Security Exam 212-82 Data Security Data security involves the application of various data security controls to prevent any intentional or unintentional act of data misuse, data destruction, and data modification LJ L Three Critical States of Data Security Data in Use ¢ o Data at Rest Workstations Laptops ‘ Data in Rest I — pra. 1] = v NN Data in Use —1 - —= == = Databases/Repositories.. | I Firewall \ Workstations Data in Rest @ Copyright © by EC Internet L. All Rights Reserved. Reproduction is Strictly Prohibited Data Security Data security involves the application of various data security controls to prevent any intentional or unintentional act of data misuse, data destruction, and data modification. An organization's data is considered to be secured when they have sufficient provisions for: = Restricting data from intentional or accidental destruction, modification, or disclosure = Recovering lost or modified data following incidents = appropriate data retention and destruction policies Three Basic States of Data = Data at rest: This data is inactive and is stored on a device or a backup medium such as hard drives, laptops, backup tapes, mobile devices, or at the offsite cloud backup. Data at rest remains in a stable state. The data at rest will not move actively in a system or network and cannot be accessed by an application or program. = Data in use: This data is stored or processed by RAM, CPUs, or databases. It is not passively stored on the system, but actively moves across IT infrastructure. It is updated, erased, processed, accessed, and/or read by the system. = Data in transit: This data actively moves from one location to another across the network, or is encrypted before moving and/or being transmitted through encrypted connections such as HTTPS, SSL, transport layer security (TLS), FTPS, etc. Module 15 Page 1750 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Data Security Exam 212-82 Data in Use @ Laptops — Workstations Data in Rest | o4 Y Y Workstations Data in Rest @ S Databases/Repositories Internet Figure 15.2: Three basic states of data Module 15 Page 1751 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Data Security Exam 212-82 Example: “Data at Rest” vs “Data in Use” vs “Data in Transit” @ Proper implementation of data security measures are required in each state to proactively enhance data security “ V4| sit Inactive data stored in digitally Description Data traversing using some means at a physical location Deta stored in Customer bank balance stored Examples Security Controls Y of communication - S e Data stored in RAM An email being sent « = Authentication techniques G. ht control on this data’s Data encryption = Password protection - Tokenization Sl o :':cessibllity S. = Strong identity management :an:il e:;gm::n tools such as or s * Firewall controls Example: “Data at Rest” vs “Data in Use” vs “Data in Transit” A proper implementation of security measures is required in each state to proactively enhance data security. The following table describes the various states of data, their specific examples, and security controls to protect against attacks. Data at Rest Data in Use Inactive data stored in Description | digitally at a physical location Examples Custom'er s Banee stored in database i zcex::\l::)tl‘:’s = Password. protection. el t.p S |on. " Boticncnmon Data stored in memory Data traversing using some means of communication Data stored in RAM An email being sent =. = Data encryption Data in Transit = * = Authentication hni.trechmques o Tight control , on e. this data’s accessibility Full memory encryption Strong identity = SSLand TLS Email encryption tools such as PGP or S/MIME = Firewall controls management Table 15.1: Data at rest vs Data in use vs Data in transit Module 15 Page 1752 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Data Security Exam 212-82 Information Management Lifecycle o o ) ) =) m 7N The management of information helps organizations meet legal, compliance, and competitive requirements EN @ AR L E LX) e LV (R LI e Information lifecycle management monitors and tracks the passage of information through several stages from creation to destruction { Erasure Storage ’ ‘ Organization - l N [ Utilization Effective information lifecycle management has enormous benefits for organizations such as reduced risks and cost, enhanced services, and effective governance Copyright © by All Rights Reserved. ReproductionIs Strictly Prohibited. Information Management Lifecycle The information management lifecycle helps organizations meet legal, compliance, and competitive requirements. Information lifecycle management monitors and tracks the passage of information through several stages from creation to destruction. A lifecycle management policy protects the integrity of data throughout the lifecycle processes. Effective information lifecycle management has enormous benefits for organizations such as reduced risks and cost, enhanced services, and effective governance. Information passes through a series of stages. Information lifecycle management involves the monitoring and tracking all these stages to verify that the data are managed properly. Although no common list of stages is used, variations include similar operations. The following are the various stages of the information lifecycle. = Creation/gathering: In this stage, the information is gathered in a manageable environment. The data can be generated internally by automated sources or employees as well as by outside sources such as vendors and clients. Metadata creation is also performed in this stage for later identification. = Organization: The information can be stored at one or many locations. In the case of critical information, control over distribution and storage protection is mandatory. The information can also be classified and tagged in this stage. = Utilization: Occasionally, the data need to be transferred to new locations or converted to new formats, or more metadata need to be added. In such cases, all necessary developments and modifications are performed in this stage to ensure that the data are useful and available for authorized users or accounts. Module 15 Page 1753 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security = Remediation: Information must often be migrated and converted so that software products can utilize it effectively. It is mandatory to maintain integrity while performing these activities and to follow remediation methods in case of problems. = Storage/retention: Occasionally, information that is not useful minimize the amount of data information systems can manage retention. The data can be restored from archives when required. * at present must be archived. The archived data can be used later for regulatory purposes. Archival policies and allow secure Erasure/destruction: When information is no longer useful and need not be archived, it should be formatted or erased permanently without leaving any residue. Destruction { Creation N N\ N Erasure Organization Storage [ Remediation Utilization / \ Figure 15.3: Information management lifecycle Module 15 Page 1754 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.