What is data security?
Data security is the practice of protecting data from theft, loss and corruption. Threats to data security include phishing and malware. Businesses can safeguard their data using data security methods, such as antivirus software and access control policies.
Why is data security important?
Phishing is a major threat to data security. It is a method of cyber-attack that attempts to steal data using emails that look like they come from reputable companies, such as retailers or banks. The victim trusts the email and clicks a link, which then downloads malware onto their computer. Phishing attacks are also prevalent on social media, in text messages and over the phone. These methods work in the same way – they gain the victim’s trust and convince them to either click a link or hand over personal details.
A virus is malicious software built for stealing data and damaging infrastructure. Viruses are usually designed to infect multiple computers and enter the system via phishing, USB ports, external hard drives, unstable networks, exposed endpoints and other vulnerabilities. One of the most widespread viruses is a Trojan horse, which pretends to be a legitimate program, but once installed, enables the hacker to take control of the device, disable antivirus software and gain access to sensitive data.
Spyware is a sinister form of malware that tracks the victim’s activities. It usually gains access to the device via phishing or a malicious website. Spyware hides undetected and records everything that is typed, browsed, downloaded and viewed. The hacker can see all sorts of sensitive information, including passwords and credit card details. Advanced spyware can even watch and listen to the victim using their computer camera and microphone.
Ransomware is one of the most rapidly growing threats to data security. It is a form of malware that locks the victim's device or encrypts their data, so that the hacker can demand a ransom to restore it. Like most malware, ransomware usually enters a device via phishing or visiting a malicious website, but sometimes it spreads by exploiting weaknesses in networks, operating systems and ports. In 2017, the famous WannaCry ransomware infected 200,000 individual and corporate computers worldwide. It exploited a Windows vulnerability and hackers demanded a payment in Bitcoin to unlock the affected computers.
Brute force attacks
Brute force attacks use trial and error to crack passwords and steal data. Hackers either just guess passwords by trying different combinations, or they use automated hacking tools that can run every possible combination and decrypt passwords using algorithms. Brute force attacks pose a strong threat to data security, as nothing can really stop an employee or other insider from trying out passwords to gain unauthorised access. However, access control policies and authentication have become more sophisticated and offer good protection.
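One form the authentication controls mentioned above can take is a sliding-window lockout, shown here as an added example that is not part of the original article. The thresholds, account names and login events are constructed assumptions.

```python
from collections import defaultdict, deque

MAX_FAILURES = 5        # assumed policy: failures tolerated inside the window
WINDOW_SECONDS = 300    # assumed policy: length of the sliding window
LOCKOUT_SECONDS = 900   # assumed policy: how long a locked account stays locked


class LoginThrottle:
    """Tracks failed logins per account and locks accounts that exceed the limit."""

    def __init__(self):
        self.failures = defaultdict(deque)   # account -> times of recent failures
        self.locked_until = {}               # account -> time the lock expires

    def is_locked(self, account, now):
        return self.locked_until.get(account, 0) > now

    def record(self, account, success, now):
        """Process one login attempt and return 'ok', 'failed' or 'locked'."""
        if self.is_locked(account, now):
            return "locked"                  # rejected even if the password is right
        if success:
            self.failures.pop(account, None)
            return "ok"
        recent = self.failures[account]
        recent.append(now)
        while recent and recent[0] <= now - WINDOW_SECONDS:
            recent.popleft()                 # forget failures older than the window
        if len(recent) >= MAX_FAILURES:
            self.locked_until[account] = now + LOCKOUT_SECONDS
            recent.clear()
            return "locked"
        return "failed"


# Constructed sample events: (time in seconds, account, password was correct)
SAMPLE_EVENTS = [
    (0, "alice", False), (400, "alice", False), (800, "alice", True),  # slow typos
    (10, "bob", False), (12, "bob", False), (14, "bob", False),
    (16, "bob", False), (18, "bob", False),                            # rapid guessing
    (20, "bob", True),     # correct password arrives while the account is locked
    (1000, "bob", True),   # lock has expired, the legitimate login goes through
]


def replay(events):
    """Run the events in time order and return (time, account, outcome) tuples."""
    throttle = LoginThrottle()
    return [(t, acct, throttle.record(acct, ok, t)) for t, acct, ok in sorted(events)]
```

The occasional mistyped password never reaches the threshold, while the rapid run of guesses locks the account before a correct guess can be used.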
Zero-day vulnerabilities pose a worrying threat to data security, as they exploit unknown weaknesses in software and infrastructure. Such vulnerabilities can be purchased on the black market or identified using bots and coding. Once hackers find a weakness, they unleash malware to extract data. By the time businesses and developers have discovered the weakness themselves it is too late, as the malware has already caused damage. In 2014, Sony Pictures Entertainment was hit by a zero-day attack. Hackers discovered a weakness within the Sony network and used malware to leak sensitive data, including emails, business plans and copies of unreleased films.
Insider threats can come from employees, contractors and clients. Such threats are most often misinformed employees who, for example, don’t understand the importance of creating strong passwords. However, a more dangerous threat comes from malicious insiders, such as disgruntled employees or those with a criminal motive. As they are embedded within the business and know the vulnerabilities, it is much easier for them to steal data and cause damage.
Businesses have increased their adoption of the cloud to benefit from greater flexibility, cost savings and remote working. However, cloud adoption is outpacing security. Cloud services create more potential entry points for hackers, especially when combined with remote working, which can expose devices to unsecured networks and unauthorised users. To protect cloud infrastructure, businesses should properly configure their cloud settings and adopt strong access control policies, cloud security solutions and data security policies.
Data security management
Data security is managed using a combination of technologies and organisational policies. A strong approach to data security management should encompass the entire attack surface area - from remote devices, cloud services and on-premises infrastructure, to websites, email, software and hardware. As human behaviour is so often the cause of data security breaches, this must also be taken into consideration. Here are some of the techniques used to manage data security:
Encryption is the use of algorithms to scramble sensitive data so that only users with an encryption key can read it. It is a powerful data security method, because even if a hacker manages to access the data, they’ll never decipher it. An increasingly common method of encryption is tokenization, which is when sensitive data is swapped for randomly generated surrogate data, known as a token, which is then shared safely online between two parties. It is very popular with online payment platforms, such as PayPal.
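The token swap described above, as an added example that is not part of the original article: the token is random rather than computed from the card number, so it can only be reversed by a lookup inside the vault. The `TokenVault` class, the caller names and the card value (a widely used test number) are assumptions made for illustration.

```python
import secrets


class TokenVault:
    """Swaps card numbers for random tokens; the mapping never leaves the vault."""

    def __init__(self):
        self._token_to_pan = {}   # held only inside the vault
        self._pan_to_token = {}   # lets the same card reuse its token

    def tokenize(self, pan):
        digits = pan.replace(" ", "").replace("-", "")
        if not (digits.isdigit() and 12 <= len(digits) <= 19):
            raise ValueError("not a card number")
        if digits in self._pan_to_token:
            return self._pan_to_token[digits]
        while True:
            # Random surrogate: nothing about the card number can be derived from it.
            token = "tok_" + secrets.token_urlsafe(16)
            if token not in self._token_to_pan:
                break
        self._token_to_pan[token] = digits
        self._pan_to_token[digits] = token
        return token

    def detokenize(self, token, caller):
        # Assumed policy: only the payment processor may recover the real number.
        if caller != "payment-processor":
            raise PermissionError(f"{caller} may not detokenize")
        return self._token_to_pan[token]


def checkout_demo():
    """Show what the merchant stores and who can turn a token back into a card."""
    vault = TokenVault()
    pan = "4111 1111 1111 1111"   # constructed test value, not a real account
    token = vault.tokenize(pan)
    merchant_record = {"order": 1001, "card": token}   # the merchant keeps the token only
    try:
        vault.detokenize(token, caller="merchant-web")
        merchant_denied = False
    except PermissionError:
        merchant_denied = True
    recovered = vault.detokenize(merchant_record["card"], caller="payment-processor")
    return token, merchant_denied, recovered
```

A copy of the merchant's records exposes only tokens; the card numbers stay in the vault, which is the one system that needs the strongest protection.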
Firewalls are a tried-and-trusted method of securing networks and are essential for strong data security. They monitor and control the traffic coming in and out of a network, acting as a protective shield between private internal networks and public networks, like the Internet. Firewalls can be software or hardware and many businesses adopt both for the best defence.
Antivirus software protects computers and networks from viruses and malware. It is a strong first defence against security threats, detecting and removing infections before they can cause trouble. Antivirus solutions are constantly updated and improved by security vendors to keep pace with the threat landscape. Many even use machine learning to learn normal activity and alert users to anything unusual. Some antivirus solutions are also dedicated to a specific part of the infrastructure and add an extra layer of protection to databases, email, cloud and endpoints.
Authentication is essential for robust data security. It acts as a first line of defence against malicious intent and can be used to control access to devices, email accounts, websites, software and other resources. Authentication verifies the identity of a user by asking for ID, such as passwords, usernames, PINs and biometric scans. Another effective method is two-factor authentication, which asks for two forms of identification, for example, a password and PIN.
Data security policies
Even if a business has adopted the latest data security technologies, this doesn’t solve the problem of human behaviour. If employees continue to click on unsafe links, create weak passwords and use unstable wireless networks, hackers can still get in. Businesses must therefore create policies to ensure their employees take the right action when confronted by a threat.
Password policies are a must for effective data security. They require employees to create complex passwords, change them regularly and never share them with others. Acceptable use policies are also powerful, as they govern how devices and networks should be used. For example, this can help businesses prevent insider threats by controlling the use of external storage and USB ports. It is also sensible to invest in data security training, so employees know how to identify and deal with threats, such as phishing emails.
The Zero Trust approach is also growing in popularity. It assumes that nobody inside or outside the organisation should be trusted by default. Anyone trying to access resources will need to provide strict authentication. Zero Trust is a good framework to use when building a strong approach to data security and there are multiple tools that can support this.
Access control policies
Access control policies are an excellent method of data security, offering protection against both inside and outside threats. They control access to data, files and software based on user identity. Such policies are often role-based: for example, a business might set up access control rules that only allow managerial or financial employees to access confidential financial data.
Backup and recovery
Data security strategies must also safeguard against data loss, for example, in the case of system failure. To mitigate this risk, businesses should create a backup and recovery plan, where data is regularly copied and archived so it can be recovered in the event of accidental or intentional loss. Effective backup methods include cloud backup and offsite servers, which both offer huge amounts of secure storage space and are safer than using on-site or portable storage - which can be lost, stolen or damaged. Whatever method is chosen, backup and recovery strategies are crucial and ensure continuity in the event of data loss.