Basic Data Security
WHAT IS DATA SECURITY?
is the process of keeping data secure and protected from not only unauthorized access but also corrupted access. The main focus of data security is to make sure that data is safe and away from any destructive forces. Data is stored as rows and columns in its raw form in the databases, PCs as well as over networks. While some of this data may be not that secretive, other might be of private value and importance. But unauthorized access to such private information or data can cause many problems such as corruption, leakage of confidential information and violation of privacy.
Thus, the importance of Data Security comes into play. Data Security is in the form of digital privacy measures that are applied to avoid this unauthorized access to websites, networks and databases. There are many ways of protecting or securing data which is important and some of them include encryption, strong user authentication, backup solutions and data erasure. There are many international laws and standards that govern data security measures. Data Protection Acts are implemented to ensure that personal data is accessible to those whom it may concern.
1. FULL DISK/PHONE ENCRYPTION
Disk encryption is one of the most commonly opted for data security technology or methods. This is a technology through which encryption of data on a hard disk drive takes place. This technology takes place in two major ways — software or hardware. In disk encryption, data is converted into unreadable codes that cannot be accessed or deciphered by anyone who is unauthorized. There are several ways and tools to carry out disk encryption, and these tools may vary in the security offered and features used. Even though there are many benefits of using this method, there are also certain weaknesses or vulnerabilities.
What many don’t realize is how important this is. You have to encrypt your hard drive. Imagine if your laptop gets stolen right now and you had sensitive data in the hard drive. Bypassing Windows/MacOs login screen is easy but decrypting a hard drive isn’t. It is important to do this it keeps your files secure and locked from prying eyes. Do the same with your phone. All android phones come with encryption. For Windows try Bitlocker or VeraCrypt. For MacOS try File Vault. For Android try the Inbuilt Version.
2. DATA BACKUP
One of the easiest yet most effective ways to avoid data loss or to lose important and crucial files is by taking a backup of your data regularly. There are many ways to take backup and it is up to you how many copies of your data you wish to keep. While external hard disks are a common way to take backup, these days cloud computing too proves to be a cheap and easy way to maintain a backup of all files at a safe location. Of course, a backup won’t prevent data loss but would at least ensure that you don’t lose any information of importance.
3. DATA MASKING
Data masking is another data securing technology that can be brought into use by those who wish to secure their data. Another term that is used to refer to data masking is data obfuscation and is the process through which one can hide original data with random characters, data or codes. This method is especially very useful for situations where you wish to protect classified data and do not want anyone to access it or read it. This is a good way to let the data be usable to you but not to the unauthorized hacker or user.
4. DATA ERASURE
Data erasure, which is only known as data wiping and data clearing is a software-based method of overwriting information or data and aims to totally destroy all data which may be present on a hard disk or any other media location. This method removes all data or information but keeps the disk operable. Many OSes especially Windows dont have this feature built in so you’ll need to look for a reputable software to do this. I’ll update this section when i find one. Erase your data 8 times! Check this post out: How to Securely Wipe Drives
5. STRONG PASSWORDS
The first step that every business or individual must most take is to establish strong passwords for all your accounts, bank details and other kinds of accounts. Also, one must try to keep very strong passwords that may not be easily guessed by anyone. The passwords must be a combination of characters and numbers. The password must be easy to remember for you but should not be your birthday, your name, or any other personal detail that anyone else could guess. The password must be between 8–12 characters long, at least. My recommendation? 20 characters long. Or instead opt for a Passphrase instead of a password.
6. ANTI MALWARE/VIRUS
Not every virus out there is out to destroy your computer or encrypt it. Some try to steal your files and send them to the attacker/maker. So you have to have policies set in place to protect against this. No 1 on that list is consider getting a reputable and good anti malware protection software. Whether it is paid or free, make sure it is good. With one search online you can find good ways to test your antivirus e.g there are reputable sites from big companies with viruses easy to get rid of that can test your defenses. Like a vaccine to an immune system. I suggest you dont try this but if you believe that you are truly tech savvy, it could offer some insights.
7. GOOD BROWSING PRACTICES
You wont believe how many people download viruses willingly(but unknowingly). The no 1 culprit? Cracked and/or Pirated Games and Software. Trust me i know. I have done it way more times than am willing to admit. Especially with games. But what people don’t get is that there’s always a catch. To crack that software, someone needs to buy it first. They then need to invest time cracking it. And as obvious not everyone can crack a game or software, only programmers and guess what? most hackers are programmers! You cant know how to hack without knowing how to program unless you are a script kiddie and it is highly unlikely that script kiddies can crack software. To hack something you need to know the insides and outsides of something. I am one(a good one), i know. So i understand no matter how many warnings people give, many of us can never truly give up this habit. So i am your guy. Try virtualization. Download whatever cracked game on a virtual machine. Scan it with as many anti viruses as possible, then move it to your host PC, or just get a virtual machine lock it down and play the games there or try sand boxing it. Also one can be hacked even without downloading things so be careful. Don’t enter sites that seem off or dangerous. Try browsing with Tor or Firefox. Check this guide on how to browse securely and safely: The Wonderful 3s: Privacy, Security and Anonymity.
8. DATA DISPOSAL
You need to learn proper data disposal. Hackers do something called Dumstar/Trash Diving.
It is where we physically come near our target and check his trash for anything we might need to exploit them. This doesn’t just apply to documents even drives that you didn’t wipe well. There’s a saying: Another mans trash is another mans treasure(Haha i know, moving forward). Buy a shredder and shred sensitive files or burn them, the less you leave the better, shredding is great but if the hacker is really into exploiting you, trust me he/she will get back to their place and stick the little pieces together even if it takes them days. I have done it(and no, not illegally). So shred and burn, just shredding should be fine unless you have ultra sensitive information on those documents. As for hard drives, put screws in them.
I mean literally drill holes in them, burn them, break the disks, microwave it, smash it with a hammer(very good for letting go of stress, you should try it 🤣🤣) Why go to such extremes, well like i have just told you. Simply pressing the delete button doesn’t always guarantee that the data is gone. The best way to be sure is just wreck the hard drive till it stops looking like a hard drive. There are plenty of ways data can be recovered both through the use of software and through hardware. This applies to even RAM, SD Cards and even SIM Cards. Just do all the steps together. Drill Holes, Burn, Break, Microwave and Smash! Check the videos below!
9. AUTHENTICATE AND AUTHORIZE
You have to authenticate and authorize. What i mean is restrict access to only the trusted/required few. Especially in the business environment. It usually takes 1 computer to bring down an entire organization. Limit how much access each individual or level has. Remember that someone from the organization is most likely to hack and steal trade secrets. Most organizations are brought down by their own employees so you need to set up data protection policies and ensure they are followed. Not everyone in the organization needs the same level of access. This also applies to individuals don’t just give your laptop to everyone you think is your friend. Someone who i thought was a good classmate and trusted once stole my assignment right from my computer and presented it as his own. Limit access. Only allow what is needed for efficient work flow.
10. TRAIN EMPLOYEES/YOURSELF ON SECURITY
This is mainly for organizations. Remember Human Beings are always the weakest link. Train employees or yourself(for individuals) in basic security. Trust me it doesn’t take more than 3 weeks to know how to protect oneself and the organization.
11. UPDATES
Keep all software up to date. Each day more than 10 vulnerabilities are discovered in popular softwares at-least some have introduced bug bounties that help them stay alert and discover potential vulnerabilities before they go world wide. Update software as soon as they come out. I know this, many popular software have some Automatic Update Feature. Enable it.
12. MONITOR
Keep system logs and constantly monitor your organization network and whatever systems in place. Create an incident response plan and ensure it is feasible. If you have to, create a Security Operation Center that monitors all kinds of logs and changes. You must always keep track of your data, know which data is stored where and use good monitoring tools that can help prevent data leakage. The data leakage software that you choose must have set up of key network touchpoints that help to look for specific information coming out of internal network. Such software can be easily configured or customized to look for codes, credit card numbers or any other kind of information which is relevant to you.
Stay safe everyone! Data Security 101, a more in depth guide coming soon for both Businesses and Individuals.
I will appreciate it, if you take 10 seconds of your time to check out my donations page and donate to the blog and other causes. 40% of the donation goes to buying this blog an official domain name, the rest goes to charity for example the Australian Bush Fire. Any amount received will be shown, from whom and to where it went. I will also include screenshots of inflow and outflow. So go check it out: Donations and donate!
