Data Security
Presented By
Abdul Basit
Ubaid Ur Rehman
Data
 Data is any type of stored digital information
 Every company needs places to store institutional knowledge and data.
 Frequently that data contains proprietary information
 Personally Identifiable Data
 Employee HR Data
 Financial Data
 The security and confidentiality of this data is of critical importance.
Data Security
 Data security means protecting digital data, such as those in a database, from
destructive forces and from the unwanted actions of unauthorized users, such as
a cyberattack or a data breach.
Availability
 Data needs to be available at all necessary times
 Data needs to be available to only the appropriate users
 Need to be able to track who has access to and who has accessed what data
Security
 Security is about the protection of assets.
 Prevention: measures taken to protect your assets from being damaged.
 Detection: measures taken to allow you to detect when an asset has been
damaged, how it was damaged and who damaged it.
 Reaction: measures that allow you to recover your assets.
Security Policy
 A security policy is a comprehensive document that defines a company's methods
for prevention, detection, reaction, classification and accountability of data security
practices, and its enforcement methods.
 It generally follows industry best practices as defined by ISO 17799, 27001-02, PCI,
ITIL, SAS-70, HIPAA, SOX or a mix of them.
 The security policy is the key document in effective security practices.
 Once it has been defined, it must be implemented and kept up to date, and it must
include any exceptions that need to be in place for business continuity.
 All users need to be trained on these best practices with continuing education at
regular intervals.
Tools To Secure Data
 Data needs to be classified in the security policy according to its sensitivity.
 Once this has taken place, the most sensitive data has extra measures in place to
safeguard and ensure its integrity and availability.
 All access to this sensitive data must be logged.
 Secure data is usually isolated from other stored data.
 Controlling physical access to the data center or area where the data is stored.
 Active Directory or Open Directory is a centralized authentication management system
that is available to companies to control and log access to any data on the system.
 Encryption of the sensitive data is critical before transmission across public
networks.
 The use of firewalls on all publicly facing WAN connections.
 Deploying VLANs and ACLs to isolate sensitive departments from the rest of the
network.
 Shutting down unused switch ports.
 If wireless is deployed, use authentication servers to verify and log the identity of
those logging on.
 Anti-Virus and malicious software protection on all systems.
Security Overview
 There are four key issues in the security of databases, just as with all security
systems:
 Availability
 Authenticity
 Integrity
 Confidentiality
Availability
 Data needs to be available at all necessary times
 Data needs to be available to only the appropriate users
 Need to be able to track who has access to and who has accessed what data
Authenticity
 Need to ensure that the data has been edited by an authorized source
 Need to confirm that users accessing the system are who they say they are
 Need to verify that all report requests are from authorized users
 Need to verify that any outbound data is going to the expected receiver
Integrity
 Need to verify that any external data has the correct formatting and other
metadata
 Need to verify that all input data is accurate and verifiable
 Need to ensure that data is following the correct workflow rules for your
institution/corporation
 Need to be able to report on all data changes and who authored them to ensure
compliance with corporate rules and privacy laws.
Confidentiality
 Need to ensure that confidential data is only available to the correct people
 Need to ensure that the entire database is secure from external and internal system
breaches
 Need to provide for reporting on who has accessed what data and what they have
done with it
 Mission-critical and legally sensitive data must be highly secured; the alternative is
the risk of lost business and litigation
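The four requirements above, together with the classification and logging measures from "Tools To Secure Data", can be combined into one small access layer. The following example is added here and is not code from the slides; the user names, clearance levels and records are constructed samples, and the clearance-to-classification comparison is an assumed, simplified policy.

```python
from datetime import datetime, timezone
from enum import IntEnum
from typing import Dict, List, Tuple

class Sensitivity(IntEnum):
    """Classification levels as the security policy would define them."""
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2  # PII, HR and financial data

class DataStore:
    def __init__(self, clearance: Dict[str, Sensitivity],
                 records: Dict[str, Tuple[Sensitivity, str]]):
        self.clearance = clearance   # user -> highest level they may read
        self.records = records       # name -> (classification, content)
        self.log: List[dict] = []    # audit trail of every access attempt

    def read(self, user: str, name: str) -> str:
        level, content = self.records[name]
        # Unknown users default to PUBLIC clearance (least privilege).
        allowed = self.clearance.get(user, Sensitivity.PUBLIC) >= level
        self.log.append({"time": datetime.now(timezone.utc).isoformat(),
                         "user": user, "record": name, "allowed": allowed})
        if not allowed:              # denied attempts are logged as well
            raise PermissionError(f"{user} is not cleared for {name}")
        return content

    def who_can_read(self, name: str) -> List[str]:
        """Who *has* access: every user cleared for the record's level."""
        level = self.records[name][0]
        return sorted(u for u, c in self.clearance.items() if c >= level)

    def who_accessed(self, name: str) -> List[Tuple[str, bool]]:
        """Who *has accessed* (or was refused) a record, in order."""
        return [(e["user"], e["allowed"]) for e in self.log if e["record"] == name]

def demo() -> dict:
    # Constructed sample users and records, not real data.
    store = DataStore(
        {"alice_hr": Sensitivity.CONFIDENTIAL, "bob_sales": Sensitivity.INTERNAL},
        {"hr_salaries": (Sensitivity.CONFIDENTIAL, "sample payroll rows"),
         "price_list": (Sensitivity.INTERNAL, "sample price list")})
    out = {"alice": store.read("alice_hr", "hr_salaries"), "bob_denied": False}
    try:
        store.read("bob_sales", "hr_salaries")
    except PermissionError:
        out["bob_denied"] = True
    out["can_read"] = store.who_can_read("hr_salaries")
    out["accessed"] = store.who_accessed("hr_salaries")
    return out
```

The two report methods answer the deck's two tracking questions separately: who is entitled to a record, and who actually touched it, including refused attempts.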
Top Security Myths
 The field of data security is rife with mistaken beliefs which cause people to design
ineffective security solutions. Here are some of the most prevalent security myths:
 Myth: Hackers cause most security breaches.
 In fact, 80% of data loss is caused by insiders.
 Myth: Encryption makes your data secure.
 In fact, encryption is only one approach to securing data. Security also requires access control,
data integrity, system availability, and auditing.
 Myth: Firewalls make your data secure.
 In fact, 40% of Internet break-ins occur in spite of a firewall being in place.
 To design a security solution that truly protects your data, you must understand
the security requirements relevant to your site, and the scope of current threats to
your data.
Many Dimensions Of System Security
Description
 You must protect databases and the servers on which they reside; you must
administer and protect the rights of internal database users; and you must
guarantee the confidentiality of ecommerce customers as they access your
database. With the Internet continually growing, the threat to data traveling over
the network increases exponentially.
 To protect all the elements of complex computing systems, you must address
security issues in many dimensions, as outlined in Table
Security Issues
 Physical: Your computers must be physically inaccessible to unauthorized users. This
means that you must keep them in a secure physical environment.
 Personnel: The people responsible for system administration and data security at your
site must be reliable. You may need to perform background checks on DBAs before
making hiring decisions.
 Procedural: The procedures used in the operation of your system must assure reliable
data. For example, one person might be responsible for database backups.
 Technical: Storage, access, manipulation, and transmission of data must be safeguarded
by technology that enforces your particular information control policies.
 Think carefully about the specific security risks to your data, and make sure the
solutions you adopt actually fit the problems. In some instances, a technical
solution may be inappropriate. For example, employees must occasionally leave
their desks. A technical solution cannot solve this physical problem: the work
environment must be secure.