DATA SECURITY

DATA SECURITY

Data security is a very important part of a successful computer involved business. It is essential to keep vital data secured in order to have piece of mind. Backing up data and having dedicated computers running just to store data are great ways to maintain data security.

Computer systems are subject to failures or accidents. Such failures and accidents affect the availability of data. Many businesses depend on their data for per second decision-making, and cannot afford a downtime of 5 or 10 minutes, which might result into losses of millions.

Another problem with data security is malicious computer viruses. The ideal data security for any business would be to have separate computers that constantly get updated with new back ups, but are never connected to any internet network.

For any business that could simply not afford to have its vital data be wiped clean from the face of the earth, backing up in other parts of the world can be a great way to avoid things like theft, natural disasters and human error. As long as you have absolutely topnotch network security, your data will be safe on a server in a different part of the world.

If you happen to wipe a hard disk clean, there are ways to recover that lost data. Many times damaged hard drives can be recovered, many times they cant, and often data recovery costs massive amounts of money.

How a hard drive works is a complicated process, but if you know that when you delete data off a hard drive, it doesn’t disappear, its still there, but it is ready to be written over. If you make a boob, delete something, as long as you don’t go filling up those same disk sectors you can probably retrieve that data. Mind you, this process is not easy, and a regular computer chump probably couldn’t do it, this is why data recovery is often left to professionals, and often costs you big bucks.

As you can see, data security is vital for the smooth operation of any business. If you practice good data security then you don’t ever need to worry about data recovery.

Let us first understand What is data? Data is nothing but, information. All information in a computer is referred to as data. Data is a plural form of Latin word "Datum". In computer, what we type, is referred to as data. There are two types of data, first one is character or numerical data, and second one is referred to as binary. The first one is readable to human beings easily. The second one helps computers to function. They are readable by the computer programs.

What is data protection: Generally, the word protection means the security given to something. For example, a house protects us from getting wet, when raining etc. In computer, the word protection is referred for protecting data from others, so, that others cannot get the information. In computer, information is stored in hard disks, floppy disks, CD-ROM disks, etc. i.e. any secondary storage device, permanently. We need to protect it from getting accessed or modified or deleted. There are two categories of data; they are, private and public.

Private data, features your name, password, address, telephone number etc. Public data is made available to public, information on some specific fields, which includes science, technology, mathematics, etc. Not all information on these fields are not public data. They may have private data also. It depends on how data is organized to protect it from being accessed.

Normally, we store information or data in the form of files, in the secondary storage devices. The computer checks, whether the data is in protected mode. If it is true, then computer will not provide data to the user. Each of file information is stored, in File Allocation Table (FAT), in case of Microsoft family of operating systems.

File Allocation Table, is table of rows and columns, with each row corresponds to one file. The columns are, of, name of the file, address offsets from and to where data is to be read, different file attributes. One way, and perhaps, the only way to give protection to the file in FAT, FAT16, FAT32 is by hiding it and making it read only. But, that was not enough, as a user, knowing the existence of file, can reach it directly, without any difficulty. Microsoft later released NTFS (New Technology File System), which greatly increased the security options.

With the advent of client-server technology, the computer system had revolutionary changes. NTFS introduced a concept called File and Folder level security, where in, one can set options, with user name, and passwords. The user with sufficient permissions can access the file. However, there are several o*ther issues. The user name and passwords are to be made secured. So, they introduced a concept, called encryption and decryption. The basic idea of encryption is to convert data from one form to another. For example, suppose the letter 'A', may become 'Z' after encryption. Decryption is the just opposite of encryption. i.e. 'Z' should become, 'A', after reversing that is, decryption.

Encryption and Decryption involves several complex mathematical formulas. One needs to be good in mathematics, to write programs, for encryption and decryption. Till today, no one knows the actual process except, the author of the program. But, several intelligent guesses can result in breaking of encryption code. So, several encryption and decryption algorithms came, which made guessing difficult. The research for best encryption and decryption process is already on its way.

The second security measure, apart from the encryption is, the firewall. A firewall is a program, which monitors the traffic. The traffic is nothing but, a group of files. It may be a network file or an ordinary file. A firewall prevents the certain files or data from entering into system. It checks data or properties of the file and allows or blocks the file, depending on the condition set. Say for example, suppose, if one can prevent the file abc.txt from entering into the system. Like wise, we can block or allow the messages or files, which are willing to enter into our computer.

The growth of technology has resulted in bringing high level security, in the computer system. However, a more advanced data security system need to be built, which will prevent, unauthorized access into the system, in the years to come.

Is there anything I can do to prevent these viruses, worms and trojans from attacking me?

A LOT! First of all, viruses don’t suddenly just jump into your computer. You (or the person using the computer) have to, one way or the other, run them before you can get infected! The most typical way of getting infected is via email; ie. you get email from a friend of yours or from someone you don’t know…and there is an attachment along with the email…and you execute that attachment! The fact that email seems to come from a friend of yours doesn’t mean it doesn’t have virus inside! In fact, most of the viruses come from the people you know, because they spread by using the address book.

Also many "bots" and "trojans" can be sent to you via instant message services such as IRC. Be aware what files do you execute your "frieds" give you! Here is an excellent information about "bots", "drones", "zombies", etc. A must-to-read to ANY IRC user!!!

Also, there has been numerous bugs in browsers, email and server software that have allowed viruses to be run without users doing anything! Code Red worm, for instance, spread by scanning for unpatched servers and infecting them directly from the internet! Windows have had similar worms every now and then, so its crucial to have some kind of firewall running to prevent all not-wanted inbound traffic! Also, javascript "exploits" can be found in many webpages. This is dangerous since they can also be exploited by using html email.

They will execute by just you watching he email message! It is highly recommend that you read all email as plain text (you can adjus this in Outlook Express in "Read" page in the settings) and/or disable the preview panel (you can disable it in Outlook Express in "Layout" setting"). For security perspective, you should use some other email client than Outlook Express and other browser than Internet Explorer.

So once again, it is very important to keep your software updated and take care of your security in ALL layers. Security is only as strong as the weakest link!

Don’t EVER use public computers to read you "original" email or to any other thing that demand you to type any logins or passwords. Public computers are many times fitted with Trojan horse programs that can be used to capture your keyboard pressings (=logins + passwords). These history files can be collected by the hacker later or sent via email.....and off he gets his hands into your email, etc. (as a side comment… this is the easiest way to get your passwords).

If you really know what you are doing, you can check the computer for clues about trojan horses to be somewhat sure that it has/has not trojan horse inside. Remember that most antivirus software DONT find new keyloggers or other trojans, so the fact that the computer has a antivirus program running doesnt mean it would be safe! I have personally tested several keyloggers and guess what? Even recent antitrojan programs cant usually detect them! Even more reason to be VERY carefull about what you do in public computers.

There are two categories of data; they are, private and public. Private data, features your name, password, address, telephone number etc. Public data is made available to public, information on some specific fields, which includes science, technology, mathematics, etc. Not all information on these fields are not public data. They may have private data also. It depends on how data is organized to protect it from being accessed.

The columns are, of, name of the file, address offsets from and to where data is to be read, different file attributes. One way, and perhaps, the only way to give protection to the file in FAT, FAT16, FAT32 is by hiding it and making it read only. But, that was not enough, as a user, knowing the existence of file, can reach it directly, without any difficulty. Microsoft later released NTFS (New Technology File System), which greatly increased the security options.

The user name and passwords are to be made secured. So, they introduced a concept, called encryption and decryption. The basic idea of encryption is to convert data from one form to another. For example, suppose the letter 'A', may become 'Z' after encryption. Decryption is the just opposite of encryption. i.e. 'Z' should become, 'A', after reversing that is, decryption.

http://www.justvb.net/it/