Scribd
Upload
26 views

Chapter 3 - Security and relevance of data and Information

The document outlines the importance of data security, emphasizing the need to safeguard digital information from corruption, theft, or unauthorized access throughout its life cycle. It details various types of data security measures, such as encryption, data erasure, and access control, as well as the significance of compliance with legal obligations and risk mitigation. Ultimately, prioritizing data security is essential for protecting organizational assets, maintaining trust, and enabling informed decision-making.

Uploaded by

Azalia Beatrice Sygaco Alumbro
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
26 views

Chapter 3 - Security and relevance of data and Information

The document outlines the importance of data security, emphasizing the need to safeguard digital information from corruption, theft, or unauthorized access throughout its life cycle. It details various types of data security measures, such as encryption, data erasure, and access control, as well as the significance of compliance with legal obligations and risk mitigation. Ultimately, prioritizing data security is essential for protecting organizational assets, maintaining trust, and enabling informed decision-making.

Uploaded by

Azalia Beatrice Sygaco Alumbro
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 21

SECURITY AND

RELEVANCE OF DATA
AND INFORMATION
DATA SECURITY
IS THE SAFEGUARDING DIGITAL
INFORMATION THROUGHOUT IT'S
ENTIRE LIFE CYCLE TO PROTECT IT FROM
CORRUPTION,THEFT,OR UNAUTHORIZED
ACCESS. IT COVERS EVERYTHING
HARDWARE , SOFTWARE , STORAGE
DEVICES AND USERS DEVICES, ACCESS
AND ADMINISTRATIVE CONTROLS AND
ORGANIZATION POLICIES AND
PROCEDURES.
TYPES OF DATA SECURITY
1. ENCRYPTION
Data encryption is the use of algorithms to scramble data
and hide its true meaning. Encrypting data ensures
messages can only be read by recipients with the
appropriate decryption key. This is crucial, especially in the
event of a data breach, because even if an attacker manages
to gain access to the data, they will not be able to read it
without the decryption key.
2. Data Erasure

There will be occasions in which organizations


no longer require data and need it permanently
removed from their systems. Data erasure is an
effective data security management technique
that removes liability and the chance of a data
breach occurring.
3. Data Masking

Data masking enables an organization to hide data by


obscuring and replacing specific letters or numbers. This
process is a form of encryption that renders the data
useless should a hacker intercept it. The original message
can only be uncovered by someone who has the code to
decrypt or replace the masked characters.
4. Data Resiliency

Organizations can mitigate the risk of accidental


destruction or loss of data by creating backups or
copies of their data. Data backups are vital to
protecting information and ensuring it is always
available. This is particularly important during a data
breach or ransomware attack, ensuring the
organization can restore a previous backup.
DATA AND
INFORMATION
SECURITY
PROCEDURES
1. ACCESS CONTROL:
LIMITING ACCESS TO DATA BASED ON ROLES AND
PERMISSIONS TO PREVENT UNAUTHORIZED
ACCESS.
2. REGULAR BACKUPS:
CREATING DUPLICATES OF DATA TO PREVENT
LOSS IN CASE OF SYSTEM FAILURES OR
CYBERATTACKS.
3. DATA CLASSIFICATION:
CATERING DATA BASED ON its SENSITIVITY
AND IMPLEMENTING APPROPRIATE SECURITY
MEASURES ACCORDINGLY.
4. Firewalls and Antivirus Software:
Deploying tools to prevent unauthorized access and
detect and remove malicious software.

5. Regular Updates and Patch Management:


Ensuring that software and systems are up-to-date with
the latest security patches to prevent vulnerabilities.

6. Employee Training:
Educating staff on security best practices and the
importance of protecting sensitive information.
7. Monitoring and Logging:
Keeping track of activities
within the system to detect and
respond to any suspicious
behavio or breaches promptly.
Data and Information Security
Policy
1. User Authentication:
Specify requirements for user authentication
methods, such as passwords, multi-factor
authentication (MFA), or biometric authentication, to
verify the identity of users accessing the MIS.

2. Data Backup and Recovery:


Establish procedures for regular backups of MIS data and
systems to prevent data loss due to accidental deletion,
hardware failure, or cyberattacks, along with protocols for
timely data restoration in case of an incident.
3. Security Monitoring: Implement mechanisms for
continuous monitoring of MIS activities and logs to detect
and respond to security incidents, anomalies, or
unauthorized access attempts promptly.

4. Vulnerability Management: Conduct regular


vulnerability assessments and penetration testing of the
MIS to identify and address potential security
weaknesses or vulnerabilities proactively.
5. Incident Response Plan
Define procedures for reporting, investigating, and
responding to security incidents or breaches involving the
MIS, including roles and responsibilities of personnel
involved and communication protocols.

6. Data Privacy and Compliance


Ensure compliance with relevant data protection and
privacy regulations by implementing appropriate measures
to safeguard personal data processed within the MIS and
by providing transparency to data subjects regarding how
their data is handled.
7. Third-Party Risk Management:
Address security requirements for third-party vendors,
contractors, or service providers that interact with or
have access to the MIS, including contractual obligations,
security assessments, and monitoring.

8. Security Awareness Training:


Provide regular training and awareness programs for MIS
users and personnel to educate them about security
policies, best practices, and potential risks to enhance
their security awareness and vigilance.
The Importance of Security

1. Protection of Confidentiality:
Ensuring that sensitive data is only accessible to authorized
individuals or entities prevents unauthorized disclosure or
exposure, safeguarding sensitive information such as personal,
financial, or proprietary data.

2. Preservation of Integrity:
Maintaining the accuracy and reliability of data is crucial for
making informed decisions and conducting business operations
effectively. Protecting data from unauthorized tampering,
alteration, or corruption helps preserve its integrity and
trustworthiness.
3. Availability and Accessibility:
Ensuring that data and information are available and accessible
when needed enables uninterrupted business operations, decision-
making processes, and service delivery. Protecting against
disruptions, downtime, or denial-of-service attacks helps maintain
continuity and productivity.

4. Compliance and Legal Obligations:


Adhering to regulatory requirements, industry standards, and legal
obligations concerning data protection, privacy, and security is
essential for avoiding penalties, fines, legal liabilities, and
reputational damage associated with non-compliance.
5. Risk Mitigation: Identifying, assessing, and mitigating risks
related to data breaches, cyberattacks, data loss, or
unauthorized access helps minimize potential threats and
vulnerabilities that could compromise organizational assets,
reputation, or competitiveness.

6. Trust and Reputation: Establishing a reputation for


protecting data and information confidentiality, integrity, and
availability enhances trust and confidence among customers,
partners, stakeholders, and the public, leading to
stronger relationshine and brand loyalty
7. Innovation and Decision Making: Having access to relevant,
accurate, and timely data empowers organizations to derive
insights, drive innovation, and make informed decisions,
leading to competitive advantages, improved performance, and
strategic growth.

8. Financial and Operational Efficiency: Preventing data


breaches, security incidents, or data loss helps avoid financial
losses, operational disruptions, and costly recovery efforts
associated with remediation, legal proceedings, regulatory
fines, or reputational damage.
Overall, prioritizing the security and relevance
of data and information is essential for
protecting organizational assets, maintaining
trust and compliance, enabling informed
decision-making, and sustaining business
resilience and competitivenes in today's digital
landscape.
Thank you!!

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy