Data Security

Understanding Data Security

  • Data security refers to protective digital privacy measures that are applied to prevent unauthorised access to computers, databases and websites.
  • It involves safeguarding important information from corruption, compromise or loss.
  • This is a critical aspect of IT for organisations of every size and type, as it protects whatever information the organisations deems as important.
  • Ensuring data security is important for both businesses and individuals because it not only ensures privacy, it also protects personal data.

Types of Data Security Measures

  • Authentication: This is verifying the identity of a user, process, or device to allow access to system resources.
  • Authorization: This is the process of giving someone permission to do or have something. In multi-user computer systems, a system administrator defines for the system which users are allowed access to the system and what privileges of use.
  • Encryption: This involves converting data into a code to prevent unauthorised access. It uses an algorithm to transform information into an unrecognisable form called ciphertext, which can be returned to its original form with a decryption key.
  • Firewalls: These are a system designed to prevent unauthorised access to or from a private network. They can be implemented in both hardware and software, or a combination of both.
  • Backups: This is the action of copying files or data to a secure place so that they can be used if the original data is destroyed or unavailable. This is often carried out using physical hard drives or cloud storage.

Data Security Threats

  • Malware: Software that is specifically designed to disrupt, damage, or gain illicit access to a computer system.
  • Phishing: The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
  • SQL Injection: A code injection technique that might destroy your database. It is one of the most common web hacking techniques. It uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed.
  • DDoS Attacks: A distributed denial-of-service attack is a malicious attempt to disrupt regular functioning of a network, service, or website by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

Remember, understanding the various aspects of data security, how to implement them, and the threats they are designed to neutralise are key to understanding the broader topic of security and data management.