Data Security vs Data Protection: Understanding Storage Vulnerabilities

Data Security vs Data Protection: Understanding Storage Vulnerabilities
Slide Note
Embed
Share

Data security and data protection are closely related concepts, encompassing the need to safeguard information from unauthorized access and ensure its availability. Threat agents, both external and internal, pose risks to data security. Storage vulnerabilities, such as lack of encryption and challenges with cloud storage, further highlight the importance of implementing robust security measures.

  • Data Security
  • Data Protection
  • Storage Vulnerabilities
  • Threat Agents
  • Information Security
ale_sc
ale_sc Follow

Uploaded on Mar 12, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. 1211 CYS IT Systems Components Lecture 2 # Storage Devices Part 1 King Saud University Applied Studies and Community Service 1211 CYS

  2. Topics: Data Security vs Data Protection Threats to Data Security Storage Vulnerabilities Data Security Best Practices King Saud University Applied Studies and Community Service 1211 CYS

  3. Distinguish between Data Security vs Data Protection. Describe the Threats of Data Security and Vulnerabilities. Objectives Describe Data Security Best Practices. King Saud University Applied Studies and Community Service 1211 CYS

  4. Data Security vs Data Protection Storage security and data security are closely related to data protection. Data security primarily involves keeping private information out of the hands of anyone not authorized to see it. It also includes protecting data from other types of attacks, such as ransomware that prevents access to information or attacks that alter data, making it unreliable. Data protection is more about making sure data remains available after less nefarious incidents, like system or component failures or even natural disasters. But the two overlap in their shared need to ensure the reliability and availability of information, as well as in the need to recover from any incidents that might threaten an organization s data. King Saud University Applied Studies and Community Service 1211 CYS

  5. Data Security vs Data Protection King Saud University Applied Studies and Community Service 1211 CYS

  6. Threats to Data Security Before looking at how to implement data storage security, it is important to understand the types of threats organizations face. Threat agents can be divided into two categories: external and internal. External threat agents include: Nation states Terrorists Hackers, cybercriminals, organized crime groups Competitors carrying out industrial espionage Internal threat agents include: Malicious insiders Poorly trained or careless staff Disgruntled employees Other threats include: Fire, flooding and other natural disasters Power outages King Saud University Applied Studies and Community Service 1211 CYS

  7. Storage Vulnerabilities Another huge driver of interest in data storage security is the vulnerabilities inherent in storage systems. They include the following: Lack of encryption The means organizations need to install separate software or an encryption appliance in order to make sure that their data is encrypted. Cloud storage The cloud adds complexity to storage environments and often requires storage personnel to learn new tools and implement new procedures in order to ensure that data is adequately secured. Incomplete data destruction When data is deleted from a hard drive or other storage media, it may leave behind traces that could allow unauthorized individuals to recover that information. Lack of physical security Some organizations don t pay enough attention to the physical security of their storage devices. King Saud University Applied Studies and Community Service 1211 CYS

  8. Data Storage Security Principles At the highest level, data storage security seeks to ensure CIA confidentiality, integrity, and availability. Confidentiality: Keeping data confidential by ensuring that it cannot be accessed either over a network or locally by unauthorized people is a key storage security principle for preventing data breaches. Integrity: Data integrity in the context of data storage security means ensuring that the data cannot be tampered with or changed. Availability: In the context of data storage security, availability means minimizing the risk that storage resources are destroyed or made inaccessible either deliberately say during a DDoS attack or accidentally, due to a natural disaster, power failure, or mechanical breakdown. King Saud University Applied Studies and Community Service 1211 CYS

  9. Data Security Best Practices Data storage security policies: Enterprises should have written policies specifying the appropriate levels of security for the different types of data that it has. Access control: Administrators should also be sure to change any default passwords on their storage devices and to enforce the use of strong passwords by users. Encryption: Data should be encrypted both while in transit and at rest in the storage systems. Storage administrators also need to have a secure key management systems for tracking their encryption keys. Data loss prevention: Many experts say that encryption alone is not enough to provide full data security. They recommend that organizations also deploy data loss prevention (DLP) solutions that can help find and stop any attacks in progress. Strong network security: firewalls, anti-malware protection, security gateways, intrusion detection systems and possibly advanced analytics and machine learning based security solutions. Strong endpoint security: appropriate security measures in place on the PCs, smartphones and other devices that will be accessing the stored data. Redundancy: Redundant storage, including, not only helps to improve availability and performance, in some cases, it can also help organizations mitigate security incidents Backup and recovery: make sure that their backup systems and processes are adequate, disaster recovery purposes, In addition, they need to make sure that backup systems have the same level of data security in place as primary systems. King Saud University Applied Studies and Community Service 1211 CYS

  10. Data Center Storage and Cloud Storage Data center storage primarily refers to the devices, equipment and software technologies that enable data and application storage within a data center facility. This includes: - Hard disk drives, tape drives and other forms of internal and external storage Data center storage primarily refers to the devices, equipment and software technologies that enable data and application storage within a data center facility. - Storage and backup management software utilities - External storage facilities/solutions such as cloud or remote storage - Storage networking technologies such as storage area networks (SAN), network attached storage (NAS). Cloud storage is also known as utility storage a term subject to differentiation based on actual implementation and service delivery. Cloud storage works through data center virtualization, providing end users and applications with a virtual storage architecture that is scalable according to application requirements. King Saud University Applied Studies and Community Service 1211 CYS

  11. Data Center Storage and Cloud Storage The main difference between the cloud vs. data center is that a data center refers to on-premise hardware while the cloud refers to off-premise computing. Data center storage primarily refers to the devices, equipment and software technologies that enable data and application storage within a data center facility. King Saud University Applied Studies and Community Service 1211 CYS

  12. Discuss the Threats to Data Security and Data Security Best Practices King Saud University Applied Studies and Community Service 1211 CYS

  13. End of Second Lecture King Saud University Applied Studies and Community Service 1211 CYS

Related


Addressing 5G Signaling Protocol Vulnerabilities

Addressing 5G Signaling Protocol Vulnerabilities

lyon
Top-Rated Storage Services in Delhi NCR: Secure & Convenient

Top-Rated Storage Services in Delhi NCR: Secure & Convenient

ken1
Various Structures for Seed Storage and Improved Rural Storage Methods

Various Structures for Seed Storage and Improved Rural Storage Methods

theodora
The General Data Protection Regulation (GDPR) and Data Protection Bill

The General Data Protection Regulation (GDPR) and Data Protection Bill

helena
Tape Storage: LTO and LTFS Overview

Tape Storage: LTO and LTFS Overview

felicia
Software Security Principles and Practices: Enhancing Program Code Security

Software Security Principles and Practices: Enhancing Program Code Security

abcde
Computer Security and Software Vulnerabilities

Computer Security and Software Vulnerabilities

chriss
Data Storage, Backup, and Security Essentials

Data Storage, Backup, and Security Essentials

mortenson_j
PELICAN: A Building Block for Exascale Cold Data Storage

PELICAN: A Building Block for Exascale Cold Data Storage

bielecki_b
Overview of EGI Online Storage Service Architecture and Interfaces

Overview of EGI Online Storage Service Architecture and Interfaces

lepe_a
Gas Storage Investment Workshop Insights

Gas Storage Investment Workshop Insights

gdena
Nicor Gas Supply and Storage Overview

Nicor Gas Supply and Storage Overview

shouryad
Evolution of Ceph's Storage Backends: Lessons Learned

Evolution of Ceph's Storage Backends: Lessons Learned

jessa
Server-Side Technologies and Security Vulnerabilities in Mobile Services

Server-Side Technologies and Security Vulnerabilities in Mobile Services

alaysha
Security Threats and Vulnerabilities in Computer Systems

Security Threats and Vulnerabilities in Computer Systems

nathanlo
Data Protection Best Practices for Secure Storage and File Encryption

Data Protection Best Practices for Secure Storage and File Encryption

dessi
The Importance of OWASP Dependency-Check Project

The Importance of OWASP Dependency-Check Project

gwilk
Spectre and Meltdown Security Vulnerabilities

Spectre and Meltdown Security Vulnerabilities

mcsherry_k
Cloud Security Threats and Vulnerabilities

Cloud Security Threats and Vulnerabilities

mesa_i
Research Insights on IHEP Disk Storage Systems and Cloud Computing Integration

Research Insights on IHEP Disk Storage Systems and Cloud Computing Integration

fshel
Importance of Security in Web Development

Importance of Security in Web Development

kharmync
Computer Data Storage with Ceph

Computer Data Storage with Ceph

avr_g

More Related Content