DATA SECURITY
INTRODUCTION
Data means groups of information that represent the qualitative or quantitative attributes of a variable or set of variables.Data is the raw form of information stored as columns and rows in our databases, network servers and personal computers. This may be a wide range of information from personal files and intellectual property to market analytics and details intended to top secret. Data could be anything of interest that can be read or otherwise interpreted in human form. However, some of this information isn’t intended to leave the system. The unauthorized access of this data could lead to numerous problems for the larger corporation or even the personal home user.
Security is the degree of protection against danger, loss, and criminals. Security has to be compared and contrasted with other related concepts: Safety, continuity, reliability. Security as a form of protection is structures and processes that provide or improve security as a condition.
Data security is the means of ensuring that data is kept safe from corruption and that access to it is suitably controlled. Thus data security helps to ensure privacy. It also helps in protecting personal data. In simple terms, data security is the practice of keeping data protected from corruption and unauthorized access. Now you must also know how to secure data.
Data and Security
When you have got the idea of what actually data security is. So let us go into the details of how data should be secured and the ways of doing it intelligently.
“Data security is the practice of keeping data protected from corruption and unauthorized
access. The focus behind data security is to ensure privacy while protecting personal or
corporate data.”
OVERVIEW
Although there is no standard definition for ―data protection‖ and the functions it encompasses, most organizations agree that any comprehensive data protection strategy should include the following areas:
Data security: Preventing unauthorized access to data, which might involve the use oftechnology such as encryption as well as application-based security technologies.
Data availability: Ensuring that data is highly available to business applications. This generally entails deploying high-availability storage solutions that utilize technologies. These solutions focus on eliminating single points of failure in the data path and/or the storage target.
Data backup and recovery: Ensuring that a point-in-time copy of data can be restored in order for business operations to resume.
Every organization should be concerned about protecting data against intruders, for the organization’s ability to survive depends on the availability, comprehensiveness and reliability of its financial and organizational data.
Security has become more complicated with the expanded use and networking of personal computers. At present, the local networks and the connections between the large and small computers are such that each of them takes part in the application. The application as a whole appears to be located on the user’s computer, but in fact each user and each application has access to, and sometimes even controlover, organizational data on various computers and storage facilities. Obviously, such openness invites unauthorized use, and requires data security coordination and management unfortunately; many companies do not deal with data security and network management problems until there is a crack in the network.
To protect vital information, the companies must set up a sound security system before the network is intruded. This involves identification of the security risks, applying sufficient means of security, and teaching the users data security awareness.
It is important to note that these functional areas are not independent of each other. For example, a backup of a database is created to meet data backup and recovery requirements. However, it might be important for that backup copy to be encrypted from a data security standpoint, especial y if the backup resides on portable storage media that is taken out of the security of the data center and susceptible to unauthorized access.
Distributed systems: The most important part of distributed systems is its joint data network which is the nerve center of the organization and tends to grow with the development of the organization and the development of technology.
Sometimes the network will connect a number of independent organizations with management and other servers to form the distributed system. For example, it is possible to describe an organizational network in a large organization with a large number of divisions and departments.The increase of connections results in greater interdependency of the systems and constitutes an environment with many challenges for data security management. Client/Server systems: Traditional distributed systems enable users to use data and applications on distant networks without confining them to networks that they are directly connected to. In client/server systems the traditional functionality of the mainframe is divided into two:
- A user interface and a nucleus of one or more applications activated at the peripheral
station defined as a ―client - Management of the database and part of the application activated on another system
defined as a ―server
Through this division each component in the network may carry out the work for which it is most suited. The two parts of the application are connected via special software enabling transfer of messages between the client and the server. Client/server applications are very flexible and allow users to access databases on various networks all via a graphic interface, which does not exist on mainframe systems.