Data Security and access

Data security is the process keeping secure the user and system data by using an authentication mechanism, encryption, and access control. There are a number of methods that you can implement to ensure the security of critical data stored on PCs.

Access to any data must be granted only when it is accessed by an authorized employee of the company. There are a number of important things to consider when setting access control. The folders should be secured using appropriate permissions. The local security policies including the right to log on to locally and access the computer from a network should be defined on the computers to restrict access as a legal warning. You should also be careful to audit the access to any critical data that your company might have.

Data backup is one of the main fundamental elements to ensure that the data is secure in the event of a major disaster or sometimes even a simple problem. The backed-up data is copied and stored to another media such as a magnetic tape or CDs or DVDs, which are then safely and securely stored at an offsite location. Some backup methods include:

This method of backup ensures that all your data is backed up in a single backup job. The backed-up data should include systems files, applications, and all users data on their pc. A full backup can take a lot longer to finish, however, it can be restored quicker if there is a major problem.

The incremental method of backing up all your data is when the changed data, after the last full or incremental backup, is only backed up. An incremental backup uses archive bits and changes them after the backup process has finished. This type of backup takes the least amount of time to complete. However, it is the slowest method when data needs to be restored.This is because the last full backup tape and all the incremental tapes after the full backup are required to restore all the data.

The method of differential backup is when all the data that has changed after the last full backup, is then added to the backup. This method does not change the archive bits and so does not disturb any incremental backups that are scheduled. Since differential backup does not use any archive bits, the differential backup tapes will contain duplicate data. When you are restoring the data, only the last full backup tape and the differential backup tape are required to restore. This method is faster to restore data than the incremental backup.

You can use a mix of backup methods to help you secure your data. Depending on the size of the organization you might need to implement them or, or you might only need to implement one. One of the common used backup methods is to use a combination of full backup on the weekends, while things are quiet and then incremental backups on the weekdays.

Encryption is the process of securing and encoding a message using a cryptographic algorithm so that it is unreadable until it is decrypted.The encryption converts readable plain text into a cryptographic text, or sometimes known as cyphertext. Encryption is also used as a protective cover for locally stored data, including data that is transmitted over the network. Encryption allows you to keep the data secure from unauthorized access by users and by hackers, and is especially important in areas where there is dial up access or wireless access to your network.

Symmetric algorithms or sometimes known as symmetric key algorithms, use one key for both the encryption and the decryption of messages. The sender of the data and the receiver both keep a copy of the secret key. This process is also known as the secret key encryption or shared secret encryption. Sometimes also called the Private Key Encryption. Popular symmetric algorithms are Data Encryption Standard (DES), 3DES, Advanced Encryption Standard (AES), and International Data Encryption Algorithm (IDEA

Asymmetric algorithms are used for Public Key Cryptography. Asymmetric algorithms will use two keys, one for the encryption, called the public key, and the other key is for decryption, called the private key. The encryption key can be freely distributed, however the private key must have strict and known access only.

A hashing algorithm which is sometimes called the Hash Function, creates a small and unique digital fingerprint from any data. This fingerprint is then known as the hash value. The hash value is represented as a short string of random numbers and letters. If the original data changes by even a single digit, the hash function will create a different hash value. The receiver will know that original data has changed. The hashing function is a one-way process because it is not possible to create the original text using any reverse hashing functions. This is why the hashing functions are also called one-way hashing functions. Some examples of hashing algorithms include message Digest 5 (MD5) and Secure Hashing Algorithm (SHA-1).