Data Security Meaning and Definition of terms

Definition of key terms

Data security: This is the process of making sure data is available only to those who need it for legitimate
purpose.
Data: This is the information that has been translated into a form that is efficient for movement or processing.
Data privacy /Information privacy: It is the aspect of information technology that deals with the ability of an
organization or individual to determine what data in a computer system can be shared with third parties.
Security threats: This is the process of an illegal entity gaining access to a company’s data or information.
Control measures: This is any measure taken to eliminate or reduce the risk of security threats.
Cyber criminals: These are illegal users who use many different methods to lure you into parting with your
confidential personal or business information.
Security Threats and Control Measures Used
A threat is a possible danger that might exploit a vulnerability to breach security and therefore cause possible
harm.
A threat can either be intentional (e.g. hacking by an individual or criminal organization) or accidental (the
possibility of a computer malfunctioning OR the possibility of natural disasters such as fires or otherwise a
circumstance, capability, action or event).
Classification of security threats
 Classification according to type
 Physical damage: For example, fire, floods
 Natural events: For example, climate, volcanic
 Compromise of information: Via eavesdropping, theft of media
 Technical failures: For example, equipment, software
 Compromise of functions and errors in use, abuse of rights
 Classification according to origin
 Deliberate: Aiming at information asset e.g. spying, illegal processing of data
 Accidental: For example, equipment failure, software failure  Environmental: For example, natural event, loss
of power supply
 Negligence: Known but neglected factors compromising the network safety and sustainability.

Counter measures to security threat

A counter measure is an action, device, procedure or technique that reduces a threat, a vulnerability or an attack
by eliminating or preventing it, by minimizing the harm it can cause or by discovering and reporting it so that
corrective action can be taken
Counter measures to security threats involve implementing various strategies and practices to mitigate risks and
protect systems, networks, and data.

1. Firewalls:
 Install and configure firewalls to monitor and control incoming and outgoing network traffic.
 Use both hardware and software firewalls to provide layered protection.
2. Antivirus Software:
 Deploy reputable antivirus and anti-malware software to detect and remove malicious software.
 Keep virus definitions and signatures up to date.
3. Regular Software Updates:
  Ensure that all operating systems, applications, and software are regularly updated with the latest
security patches.
 Enable automatic updates whenever possible.
4. Strong Authentication/password:
 Implement strong password policies and encourage the use of multi-factor authentication (MFA) to
enhance login security.
5. Access Controls:
 Restrict user access based on the principle of least privilege.
 Regularly review and update user permissions.
6. Encryption:
 Use encryption for data at rest, in transit, and during processing.
 Employ secure protocols (e.g., HTTPS) to protect data during communication.
7. Regular Backups:
 Perform regular backups of critical data and ensure they are stored in a secure location.
 Test the restoration process to ensure data can be recovered.
8. Security Awareness Training:
 Educate users and employees about security best practices and the latest threats.
 Raise awareness about social engineering tactics.
9. Physical Security:
 Secure physical access to servers, network infrastructure, and other critical components.
 Monitor and control physical access points

Types of computer Threats and Crimes

Cyber criminals may use many different ethos to lure you into parting with your confidential information.
Malware (malicious software may be described as a variety of forms of hostile, intrusive or annoying software or
program code. Malware could be computer viruses, worms, Trojan horses, dishonest spyware and malicious
rootkits. Here is a quick explanation on some of the common computer threats/crimes you may come across:
1. Malware:
 Viruses: Programs that can replicate and spread to other files or systems.
 Worms: Self-replicating malware that spreads across networks without human intervention.
 Trojans: Malicious software disguised as legitimate programs, often used to gain unauthorized
access.
2. Ransomware:
 Malicious software that encrypts a user's files, demanding payment (usually in cryptocurrency) for
their release.
3. Spyware:
 Software that secretly monitors and collects information about users without their knowledge,
often for malicious purposes.
4. Adware:
 Software that automatically displays or downloads advertising material when a user is online.
5. Phishing:
 Deceptive attempts to obtain sensitive information (such as usernames, passwords, or credit card
details) by masquerading as a trustworthy entity in electronic communication.
6. Identity Theft:
 Unauthorized acquisition and use of someone's personal information, often for financial gain.
 7. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks:
 Overwhelming a system, network, or website with traffic to disrupt its normal functioning, making
it temporarily or indefinitely unavailable.
8. Social Engineering:
 Manipulating individuals to divulge confidential information or perform actions that may
compromise security.
9. Hacking:
 Unauthorized access or manipulation of computer systems or networks.
10. Cyber Espionage:
 Covert activities to gather sensitive information or intelligence from individuals, organizations, or
governments.
11. Insider Threats:
 Security risks originating from within an organization, often involving employees or other trusted
individuals.
12. Data Breaches:
 Unauthorized access, acquisition, or disclosure of sensitive information, often involving personal
or financial data.
13. Cyberbullying:
 Harassment or intimidation using electronic means, often on social media platforms or through
messaging.
Methods to Protect Yourself from Computer Crimes
 Using strong passwords: Don’t repeat your passwords on different data and software Change your
passwords regularly. Make them complex. That means using a combination of at least 10 letters, numbers and
symbols.
 Keep your software updated: This is especially important with your operating systems and internet security
systems. Cyber criminals often use known exploits in your software to gain access to your system. Patching
those exploits and flaws can make it less likely that you will become a cyber-criminal target.
 Strengthen your network: It is a good idea to start with a strong encryption as well as a virtual private
network. A VPN will encrypt all traffic leaving your devices until it arrives to its destination.
 Keep up to date on major security breaches: If your data has been impacted by a security threat, find out
what information the hackers accessed and change your passwords immediately.
 Know that identity theft can happen anywhere: It is important to protect your data for example, by using a
VPN when accessing the internet over a public Wi-Fi network.

Benefits of data security

1. Keeps your information safe: By adopting a mindset focused on data security and implementing the right set of tools, you
ensure sensitive data does not fall into the wrong hands. Sensitive data can include customer payment information, hospital
records, and identification information, to name just a few. With a data security program created to meet the specific needs
of your organization, this info stays safe and secure.
2. Helps keep your reputation clean: When people do business with your organization, they entrust their sensitive
information to you, and a data security strategy enables you to provide the protection they need. Your reward? A stellar
reputation among clients, partners, and the business world in general.
3. Gives you a competitive edge: In many industries, data breaches are commonplace, so if you can keep data secure, you set
yourself apart from the competition, which may be struggling to do the same.
4. Saves on support and development costs: If you incorporate data security measures early in the development process, you
may not have to spend valuable resources for designing and deploying patches or fixing coding problems down the road.