Chapter 15 - 03 - Discuss Data Backup, Retention, and Destruction - 09_ocred_fax_ocred.pdf
Document Details
Uploaded by barrejamesteacher
null
OCR
Tags
Related
- Chapter 15 - 03 - Discuss Data Backup, Retention, and Destruction - 01_ocred_fax_ocred.pdf
- Chapter 15 - 03 - Discuss Data Backup, Retention, and Destruction - 03_ocred_fax_ocred.pdf
- Chapter 15 - 03 - Discuss Data Backup, Retention, and Destruction - 05_ocred_fax_ocred.pdf
- Chapter 15 - 03 - Discuss Data Backup, Retention, and Destruction - 06_ocred_fax_ocred.pdf
- Chapter 15 - 03 - Discuss Data Backup, Retention, and Destruction - 07_ocred_fax_ocred.pdf
- Chapter 15 - 03 - Discuss Data Backup, Retention, and Destruction - 10_ocred_fax_ocred.pdf
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Data Security Data Retention Policy Best Practices...
Certified Cybersecurity Technician Exam 212-82 Data Security Data Retention Policy Best Practices Create different data retention Create a data retention policy that fulfils legal and business requirements 0 1 05 policies policies. for differant different data dgta types, as - per their legal and business impacts :. :. ". o @). Q) @ E ‘ K Retain customer, subscriber, and Justify Justify the the reasons reasons behind behind thed‘gg the policy 02 ‘ 06 06 userinformation user information only only till till they they are are details ® necessary necessary “Q o Start creating a policy with minimal ® Implement 80 re to manage Implement software to manage requirements and add new soquireunguts and add new 03 ) o] 02 the data retention tasks requirements as and when required. 'Y. ‘@ Create a simple policy which is easy o ° Classify data and decide if it should for the employees to implement 04 08 be archived or deleted Data Retention Policy Best Practices The following data retention best practices for an organization can help establish and enforce a more compliant and useful data retention policy suited to their needs: Create a data retention policy that fulfills legal and business requirements Justify the reasons behind the policy details Start creating a policy with minimal requirements, and add new requirements as and when required Create a simple policy which is easy for the employees to implement Create different data retention policies for different data types, as per their legal and business impacts Retain customer, subscriber, and user information only till they are necessary Implement software to manage the data retention tasks Classify data and decide if it should be archived or deleted Files which are not accessed frequently should be moved to a lower-level archive Organize and store archived data such that it is easily accessible Module 15 Page 1898 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security Data Destruction Data destruction is the process of destroying data stored on tapes, hard disks, and other forms of electronic media, so that it is completely unreadable and cannot be accessed or used for unauthorized purposes The main purpose of data destruction is to restrict unauthorized disclosure of information through proper disposal and destruction of devices, equipment, computers, and media that store sensitive data Copyright © byby EC-{ cll. All Rights Reserved. ReproductionIs Strictly Prohibited.. Data Destruction Computers, smartphones, and other devices store a large amount of information, some of which may be sensitive and critical, such as emails, documents, personal photos, etc. Once not in use, the user deletes the data presuming that the information is deleted and cannot be recovered. If not deleted properly, the information still exists on the hard drive or memory chip, and anyone accessing such a system can recover these deleted files. The best way to permanently delete files or sensitive data is by implementing data destruction methods. Data destruction is the process of destructing the stored data in electronic media such as hard drives, flash drives, tapes, etc. into an unreadable form that cannot be accessed or exploited for unauthorized purposes. The main purpose of data destruction is to restrict the unauthorized disclosure of information through proper disposal and destruction of devices, equipment, computers, and media that store sensitive data. The various forms of data destruction are: * Delete/Reformat = Wipe Wipe = Qverwriting data = Erasure = Degaussing = Physical destruction = Electronic shredding = Solid-state shredding Module 15 Page 1899 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security Security Benefits of Data Destruction = Data destruction protects the sensitive information of customers and employees from cybercriminals. = Hefty fines can be avoided with data destruction as a security breach can lead to various penalties. Module 15 Page 1900 Module 1900 Certified Cybersecurity Certified Cybersecurity Technician Technician Copyright Copyright ©© by EC-Gouncil EG-Gounell All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security Data Destruction Policy O Data destruction policy ensures that the data stored on unused tapes, hard disks, and other forms of electronic media is deleted ted or d such that they are unreadable and cannot be accessed OQO Every organization must implement a data destruction policy Hard Drives and Flash Q Mobile Phones Memory Devices » Mobile phones have a hard » Physically destroy the optical » Overwrite the data in hard reset or cold reset button to and tape media when not drives and flash memory devices delete the installed software required using programs such as Darik’s and restore the device to Boot and Nuke, Wipe, etc. factory default settings Copyright © by EC-C cll.L. All Al Rights Reserved. Reproduction Reproduction isis Strictly Prohibited. Prohibited Data Destruction Policy A data destruction policy ensures that the data stored on unused tapes, hard disks, and other forms of electronic media are overwritten or destroyed such that they are unreadable and cannot be accessed for unauthorized purposes. Implementation of a data destruction policy reduces the chances of a privacy breach. Companies should spend their time and money on a data destruction policy since they have to safeguard their data and prevent a data breach. Every organization must implement a data destruction policy. Implementation of a data security policy: For implementing a data security policy, all devices and media no longer used by an organization should be securely removed, destructed, or overwritten. = Mobile phones - iPhones, Androids, Blackberries, etc.: Mobile phones have a hard reset or cold reset button to delete the installed software and restore the device to factory default settings. = DVDs and other tape storage drives: Physically destroy the optical and tape media when not required. = Hard drives and flash memory devices: Overwrite the data in hard drives and flash memory devices using programs such as Darik’s Boot and Nuke, Wipe, etc. Module 15 Page 1901 Certified Cybersecurity Technician Copyright © by EC-Gouncil EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security Data Destruction Techniques Ny -.b Clearing. rechnique Technique to clear data in all user-addressable storage »> Overwriting @ @] & spaces » Wiping g j LAl » Cannot be used for damaged or non-rewritable media %> Erasure Purging » Technique to remove data permanently from a storage /) 9] space by applying strong magnetic fields fields »» Degaussing Degaussing g Q » Strong magnetic fields can damage nearby devices XyRy LT s » Technique to destroy data by destroying the storage » Disintegration, incineration, \ fi] @ medium pulverizing, and pulping » Best method for destroying sensitive data » Shredding Copyright © by All Rights Reserved. Reproduction is Strictly Prohibited. Data Destruction Techniques The different data destruction techniques are listed below. 1. Clearing Clearing is a data destruction technique that protects sensitive information against keyboard attacks. This technique is used to clear the data in all user-addressable storage spaces. The information eliminated by this method will not be recovered through data, disk, or file recovery tools. This technique is not applicable to damaged or non- rewritable media. Overwriting, wiping, and erasure are the methods used for clearing information. o Overwriting: Overwriting is @a method of writing new data over old data with the purpose of eliminating the old data completely. Occasionally, this is accomplished in a single attempt. However, if the medium implements strong security, multiple passes may be required. This ensures that all information is destroyed and that no recovery tool will be able to recover it. o Wiping: Data wiping is a method of clearing data from an electronic device so that the data cannot be read any longer. It is performed by physically connecting an electronic device to a wiping device. Once the information is wiped from an electronic device, the device can be reused without losing storage capacity. o Erasure: Erasure is another method used to delete all the data in a hard drive such that the data can no longer be recovered. This method is used by businesses that have leased equipment or wish to reuse hard drives for storing different information. Module 15 Page 1902 EC-Council Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security 2. Purging Purging is a data destruction technique that protects sensitive information against laboratory attacks. This technique is used to remove data permanently from a storage space by applying strong magnetic fields, which can damage nearby devices. A laboratory attack occurs when an unauthorized individual uses signal processing recovery tools in a laboratory environment to recover sensitive information. Degaussing and executing the Secure Erase firmware command are two purging methods. o Degaussing: Degaussing is a method of using high-power magnets to disrupt the magnetic field of magnetic media such as hard disk drives and magnetic tapes. This method cannot be implemented on optical media such as DVDs. Degaussing a hard drive disk typically renders it inoperable, thus making it impossible for a user to check whether all the data have been destroyed. This method is effective in destroying storage media with large amounts of information, but it is inappropriate if the user wishes to reuse the storage device for storing different information. 3. Destroying Destroying is a data destruction technique of physically destructing the storage media through a variety of methods such as disintegration, incineration, pulverizing, shredding, and pulping. This method is used in circumstances where the complete destruction of data along with physical media is required. This is considered the best method for destroying sensitive data. o Disintegration: This is a physical destruction method that not only destroys the information stored in storage media but also the physical media containing that information. o Incineration: Also known as burning, incineration is an effective technique for deposing information written on white paper. However, destroying compact disks, DVDs, USB devices, or other storage systems via incineration can create environmental issues due to toxic fumes. Hence, this technique is recommended to be employed for erasing data on paper. o Pulverizing: In this method, documents of confidential data are dumped into a pulverizer that uses a hydraulic process to reduce the data objects or documents to shards and loose fibers. Few commercial businesses use this technique owing to the lack of availability and cost concerns. o Melting or pulping: Melting or pulping is the process of liquidizing documents that hold confidential data. It is important to ensure that the data on the documents are securely taken to the pulping facility, and the documents should be closely monitored until the pulping process is completed. o Shredding: This is another physical destruction method used to destroy information stored in storage media such as hard drives, optical drives, smartphones, tablets, and credit-card swipe devices. It breaks the electronic media into multiple pieces not Module 15 Page 1903 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security larger than 2 mm. This method is especially useful to destroy data stored in an organization’s data center or in a large stockpile of old hard drives and media. 4. Disposal Disposal is a technique of eliminating information without considering data destruction. This technique is applied to documents containing nonconfidential information. The disclosure of such information will not affect the organization’s goals, lead to any financial losses, or harm an individual. Module 15 Page 1904 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.
