It can be encrypted
It can be protected by making sure applications are securely coded and hosts are
hardened
d. What are some ways that data can be attacked when it is stored?
It can be backed up, encrypted, and destroyed. Restrictions on access to the data can
also be implemented while it is being stored.
Data can be lost by mechanical failure, environmental causalities, malware, lost, and
human error
Back up will ensure availability because you will still be able to access your file from
backup copies, even if your primary hard disk fails.
File/directory data backup copies data (not programs, registry settings, configurations).
Image backup copies data and all those other things.
Shadowing frequently records a backup copy of each file actively being worked. If there
is a failure, little will be lost.
when the capacity of the storage is exceeded, the oldest files are deleted first.
It only backups data that has changed since the most recent full backup.
c. A company does a full backup one night. Call this backup Cardiff. On three successive
nights, it does incremental backups, which it labels Greenwich, Dublin, and Paris. In
restoration, what backups must be restored first and second?
Centralized backup alleviates the key problems associated with local backup, which are:
Limited ability to audit which computers were backed up per policy, how backups were
done, or how data was protected
b. Define CDP.
CDP is continuous data protection. This is where two sites back up each other.
CDP is attractive because other sites can take over very quickly in case of a disaster, with
little data loss.
d. Why is it expensive?
Because bandwidth is needed between CDP sites to allow the real-time backup of data.
e. Why is backup over the Internet to a backup storage provider attractive for client PC
users?
It is very convenient.
f. What security risk does it create?
It is peer-to-peer backup onto other client computers. It sends backup data in parcels to
many other client PCs.
First, mesh backup operation must not slow down the computer on which packets are
being written or from which packets are being retrieved. Second, specific client PCs are
not always available for packet retrieval, so parcels need to be sent out redundantly.
The most difficult technical problem is security. When a client PC receives a backup
parcel, its user must not be able to read it, modify it, or delete it.
Because it could make client PC backup automatic and, thus, eliminate the human factor
in failing to conduct regular backups. It also utilizes corporate PC power that is often
underused, compared to expensive separate backup hardware.
Magnetic tape can store vast amounts of data at the lowest cost per bit of any backup
medium
ape is not desirable because it is painfully slow and there are many different tape
formats and readers (not much standardization like optical media).
Because it could also be lost if a computer is stolen or damaged in a fire. This method is
also too expensive for long-term storage.
Many companies use a hybrid backup method, using additional hard drives for storage
for as long as possible, then transferring to tape at a pre-determined time or data size.
Up to 8 GB
Probably not, because the life of optical disks is still unknown and is probably short.
A system using an array of drivers increases reliability because redundant data are
stored on multiple dis. Failure of a single drive in the array would not precipitate data
loss. An array of drivers can also increase read-write performance. Disk performance is
increase because data can be written to, or read form, multiple disk simultaneously.
b. Explain RAID 0.
c. Explain RAID 1.
RAID 1 configuration, the client operating system writes data to both the primary hard
drive and the backup hard drive at the same time.
d. Explain RAID 5.
RAID 5 configuration stripes data across multiple disks to increase data transfer speeds.
Parity bits enable reconstruction of data stored on other disks in case of failure. Parity
bits are stored on disks such that they can be used to reconstruct the original parts of
any lost disk in the array.
The XOR parity bit will be a 1 if one or the other bits is a “1,” but not both bits are 1s.
The parity bit will be a 0 if both bits are either “1” or “0.”
Suppose Disk 3 (of 3) experienced complete failure. Data from Disk 1 (Part 1, Part 3, and
Parity 5 & 6), together with data from Disk 2 (Part 2, Part 5, and Parity 3 & 4) could be
used to recalculate the lost data on Disk 3 (Part 4, Part 6, and Parity 1 & 2). No data
would be lost. After all calculations are done, the data on new Disk 3 will be identical to
the data before the fire.
Depends on the number of the disk, size of the disk, read-write speed.
A small amount of storage capacity is lost by storing the parity bits (RAID 5), but it is
much less than it would be if the entire array were mirrored (RAID 1). The
recovery/rebuild time on RAID 5 would be much longer
b. Which RAID level discussed in this chapter has the fastest read-write speeds?
RAID 0
It’s good for home user, but it’s very expensive and difficult to configure
Backup creation policies should specify what data should be backed up, frequency of
backups, restoration test intervals, and other related guidance. Policies should address
different types of data and computers to ensure the right backup is provided for the
resource.
Because if the data is important enough to spend precious time and resources to
backup,
d. What should be done about backup media until they are moved?
Backup media should be stored in a fireproof and waterproof safe until they are moved.
The dangers of lost, stolen, or damaged backup material require control over access to
the data
g. If Person A wishes to check out backup media, who should approve this?
The manager
Checkouts of backup media are rare, so every checkout should be examined carefully.
i. Why should business units and the legal department be involved in creating retention
policies?
There are many business and legal requirements regarding the retention of certain
types of data; these departments should be involved in creating retention policies.
It includes all policies, and tracing what happened to samples of data that should have
been backed up
b. Why is it dangerous?
Because if it can be
It is the process wherein a firm must provide records related to a lawsuit, including e-
mails.
d. What are courts likely to do if it would be very expensive for a firm to discover all of its
e-mail pertinent to a case?
Court doesn’t care about that. The firms have to pay to get recovery email.
It is when email or other files are located on backup tapes when they were thought to
be deleted
Without limit
h. Is there a specific law that specifies what information must be retained for legal
purposes?
No, there are multiple laws that specify what information must be retained.
i. What two requirements in the U.S. Rules of Civil Procedure are likely to cause problems
for firms that do not have a good archiving process?
In the initial discovery meeting, which occurs shortly after a lawsuit begins, the
defendant must be able to describe what information it has and how it will provide it.
This requires a good in-place archiving system. The firm must be able to put a hold on all
destruction of potentially relevant information if the possibility of a lawsuit is foreseen.
It needs a good in-place archiving system to be able to do this.
j. Why is message authentication important in an archiving system?
It will inevitably get the firm in big trouble, fined, or possibly losing lawsuits.
Spreadsheets are a major focus of new compliance regulations resulting from the
Sarbanes-Oxley Act of 2002. Spreadsheets are highly concentrated with PII and are used
for many proprietary financial calculations that would be disastrous to have hacked or
deleted. Also, manipulation of spreadsheet is a key technique of criminal attempting
fraud
extensive testing for errors and fraud indicators, and the use of spreadsheet vault
servers.
• extensive auditing
Vault server authorizations go beyond what a person can do with a file. They also limit
what files a user can see on the spreadsheet
Because not all people have a right to see all data in the database
Because there are some certain columns that database administrators don’t want
anyone to change the data inside
Because there are some certain columns that database administrators don’t want
anyone to change the data inside
Privacy concerns may restrict searches to being no more detailed than sums and
averages at the department level.
A data model consists of entity names, attributes, and the structure of relationships
between entities.
Incoming data can be validated by making sure they are in the expected data type (e.g.,
text, integer, or binary), size (e.g., 32 bits, 10 characters, or less than 5 KB), or format
(e.g., DD/MM/YY or (555) 555-5555).
Incoming data can be sanitized to remove unacceptable characters that could be used to
manipulate the SQL statement.
Triggers can also be used to implement audit policies and detect noncompliance with
security policies.
Data Definition Language (DDL) triggers can be used to produce automatic responses if
the structure of the database has been altered.
Attackers use automated port scanners to look for databases running on known default
ports. Changing the default port can slow down an attacker.
From a legal standpoint, loss of encrypted data comes with negligible risk of exploitation
and the costly responsibility to report lost unencrypted data.
If the key is lost, this could be disastrous for the firm. People with legitimate access will
also be locked out.
Companies address the risk of lost encryption keys by holding copies of the keys in
escrow, either on-site or off.
The user may not do it, or may not be able to find it, and if fired, may refuse to give it
up, locking up all the data on the computer.
Encryption is usually fully transparent to the PC user. As long as you know the password
for your computer, you can work with encrypted directories and files exactly as you do
with unencrypted directories and files.
It is attractive because once the user is logged in, he or she can see all encrypted data.
File sharing requires files to be unencrypted prior to sharing; adding encryption adds
another step to the file sharing processes.
Data loss prevention (DLP) is a set of policies, procedures, and systems designed to
prevent sensitive data from being released to unauthorized persons
b. Are there some types of data that are too risky to collect?
Yes, healthcare records, credit card information, or social security numbers (SSN) may
have additional legal requirements related to proper storage and handling. Loss of these
data may lead to enormous liabilities. The potential cost of being sued may outweigh
the benefit of having them on file.
c. In your judgment, do most organizations adequately protect their data? Why?
Data masking obscures data such that it cannot identify a specific person, but still
remains practically useful.
Attributes from one database match, or closely match, attributes in a second database.
For example, a person’s name from a public voter list could be associated with medical
data through linking attributes.
c. What are the odds of correctly identifying a person based on their ZIP code, date of
birth, and gender? Why?
Professor Latanya Sweeney at Carnegie Mellon University combined data from a public
voter list with seemingly anonymous medical data. She found that it was possible to
correctly re-identify 87 percent of individuals using ZIP code, birth date, and sex.
d. What is profiling?
Digital Rights Management restricts what people can do with certain types of data, such
as copyrighted material. Examples may include music, books, pictures, etc.
DRM is desirable because it can be used to protect trade secrets, sensitive personal
data, and copyrighted material.
c. Give some examples of use restrictions that a company may wish to impose on a
document.
A firm may only allow a person to download a document but not save it locally, print it,
change it, or take other actions.
If the information appears on the screen, screen capture software can make a copy to
be put in another file for saving, printing, and other undesired actions
Data extrusion management attempts to prevent restricted data from leaving the firm
without permission.
f. How can DLP systems be effective when placed at the gateway, on clients, and on a
database server?
DLP systems can filter all incoming and outgoing content including e-mail, instant
messaging, FTP transfers, unapproved webmail, and so on. Client content can be
scanned before data are sent. This would prevent illicit content from being passed
across the local network. DLP systems can actively search out, tag, and monitor sensitive
data anywhere on corporate databases. They can also monitor access to sensitive data.
g. What is watermarking?
Watermarking is adding invisible information to a file that can be used to identify the
source.
Files can be watermarked for internal use only, and these files can be filtered out if
attempts are made via e-mail attachments, FTP, or other means to send them outside
the firm. Also, each copy of a file can be given a different watermark. If a file is extruded
to the outside world and then found again, the file can be traced back to its first receiver
through the file’s specific watermark.
They are very difficult to enforce and companies usually restrict access and functionality
from documents in uncomfortable ways.
23. Answer this question:
a. Why do employees have to be trained about data security?
Yes, most employees must be trained on data security policies and procedures.
Oftentimes, employees are unaware that they are violating data security policies. They
may be unaware of how their actions could lead to data loss.
b. Do you know someone who has posted information about work on their blog or social
networking site? Was it positive or negative?
So far, I never see someone post their information about their work in blog or social
networking site
c. From a security point of view, do you think social networking sites have made
corporations more, or less, secure?
Basic file deletion happens when you empty the Recycle Bin. The pointers referring to
certain sectors are removed, but the data in those sectors remain. Only the reference to
the sectors has been removed. The file has been logically, but not physically, removed.
Wiping, or clearing, is logically and physically erasing data so that it is unrecoverable.
Even recovery software cannot restore files if they have been securely deleted. The hard
drive remains usable, but prior data cannot be recovered.
c. Is it safe to wipe a hard disk and then give it to someone else? Why, or why not?
Yes, secure file deletion, known as wiping or clearing, is logically and physically erasing
data so that it is unrecoverable. Even recovery software cannot restore files if they have
been securely deleted. The hard drive remains usable, but prior data cannot be
recovered. You could safely give it to someone else without worrying about them
recovering your data.