What Are the Best Tips for Secure Data Storage?
The International Organization for Standardization (ISO) defines computer system security as the protection of technology and management established and adopted for data processing systems, protecting computer hardware, software, and data from accidental and malicious causes from being damaged, altered, and leaked . Therefore, the security of computer networks can be understood as: by adopting various technologies and management measures, the network system can be operated normally, thereby ensuring the availability, integrity and confidentiality of network data. Therefore, the purpose of establishing network security protection measures is to ensure that the data transmitted and exchanged through the network will not be increased, modified, lost, and leaked.
- Information security or data security has two opposing meanings: the first is the security of the data itself, which mainly refers to the use of modern
- 1) Confidentiality
- Confidentiality (secrecy), also known as confidentiality, means that personal or group information is not available to others who should not be obtained. In the computer, many software, including mail software, web browser, etc., have privacy-related settings to maintain the confidentiality of user information. In addition, spy files or hackers may cause confidentiality problems.
- 2) Integrity
- Data integrity is one of the three basic points of information security. It refers to ensuring that information or data cannot be unauthorized tampered or can be found quickly after tampering during the transmission or storage of information or data. In the use of information security, it is often confused with confidentiality boundaries. Take ordinary RSA to encrypt value information as an example, hackers or malicious users
- There are many factors that threaten data security. The following are more common:
- 1) Hard drive damage: Physical damage to a hard drive means data loss. The operating loss of the device, the failure of the storage medium, the operating environment, and human damage can all affect the hard disk drive device.
- 2) Human error: due to operation errors, users may mistakenly delete important files of the system, or modify parameters affecting the operation of the system, and system downtime caused by improper requirements or improper operation.
- 3) Hackers: Intruders use system vulnerabilities and poor supervision to remotely invade the system through the network.
- 4) Viruses: Computers are infected with viruses and cause damage, and even cause significant economic losses. Computer viruses have strong replication capabilities and are highly infectious, especially in the network environment, and spread faster.
- 5) Information theft: Copy, delete information from the computer or simply steal the computer.
- 6) Natural disasters
- 7) Power failure: The power supply system is faulty. An instantaneous overload of electrical power will damage the data on the hard disk or storage device.
- 8) Magnetic interference: When important data comes into contact with magnetic materials, computer data will be destroyed. [1]
- Different units and organizations have their own network information centers. In order to ensure the security (confidentiality) of important data in the information center and network center computer rooms, they are generally formulated in accordance with national laws and relevant regulations, which are suitable for the data security system of the unit. as follows:
- 1) Classify the media or data used and generated by the application system according to their importance. For the media that stores important data, back up the necessary copies and store them in different safe places (fireproof, high temperature, shockproof, antimagnetic , Anti-static and anti-theft), establish a strict confidentiality storage system.
- 2) The important data (medium) retained in the computer room should be the minimum amount necessary for the effective operation of the system, and otherwise it should not be kept in the computer room.
- 3) Determine the access rights, access methods, and approval procedures of users based on the confidentiality regulations and uses of the data.
- 4) The important data (media) library should be set up for registration and storage. No important data (media) can be misappropriated without approval.
- 5) During the use of important data (medium), the lending or copying should be controlled strictly in accordance with the state's confidentiality regulations. The use or copying needs to be approved.
- 6) All important data (media) should be checked regularly, the safe storage period of the media should be considered, and the copy should be updated in time. Damaged, discarded, or outdated important data (media) should be demagnetized by a special person. Important data (medium) above the secret level should be destroyed in a timely manner when the confidentiality period is exceeded or discarded.
- 7) At the end of the confidential data processing operation, the programs and data related to the operation on the storage, online tapes, disks, and other media should be cleared in time.
- 8) Confidential information storage devices of confidential level or above shall not be incorporated into the Internet. Important data must not be leaked, and the input and modification of important data should be completed by a special person. Printouts of important data and external storage media should be stored in a safe place, and waste paper printed should be promptly destroyed. [2]
- Computers store more and more information, and they are more and more important. In order to prevent accidental loss of data in computers, many important security protection technologies are generally used to ensure data security. Common and popular data security protection technologies are as follows:
- 1)
- Strictly speaking, security technology includes only three categories: hiding, access control, and cryptography.
- Cryptography (originated from Greek kryptós, "hidden", and gráphein, "writing" in Western European languages) is a discipline that studies how to convey information secretly. In modern times, it refers specifically to the mathematical study of information and its transmission, which is often regarded as a branch of mathematics and computer science, and is also closely related to information theory. Cryptologist Ron Rivest explains: "Cryptography is about how to communicate in the environment where the enemy exists." From an engineering perspective, this is equivalent to the similarities and differences between cryptography and pure mathematics. Cryptography is the core of information security and other related topics, such as authentication and access control. The primary purpose of cryptography is to conceal the meaning of information, not the existence of hidden information. Cryptography also promotes computer science, especially in the technologies used in computer and network security, such as access control and confidentiality of information. Cryptography has been applied in daily life: including chip cards for ATMs, computer users' access to passwords, e-commerce, and more.
- 1)
- Data is the real theme of the informatization trend. Enterprises have regarded key data as the basis for normal operation. In the event of a data disaster, the overall work will be paralyzed, causing immeasurable losses. There are many ways to protect critical business data, but the following three are basic:
- 1) Back up critical data.
- Backing up data is a copy of the data on other media. For example, you can burn all important files to a CD-ROM or a second hard disk. There are two basic backup methods: full backup and incremental backup. A full backup copies the selected data completely to other media. Incremental backups only back up data that has been added or changed since the last full backup.
- Expanding a full backup with incremental backups is usually faster and takes up less storage space. Consider doing a full backup once a week and then an incremental backup every day. However, if you want to recover data after a crash, it will take a long time, because you must first restore a full backup and then restore each incremental backup. If you are bothered about this, you can take another approach and do a full backup every night; just make the backup run automatically after work.
- It is a good idea to frequently test backups by actually restoring the data to the test location. This has the effect of ensuring that the backup media and backup data are in good condition, identifying problems in the recovery process, and providing a level of confidence.
- Not only must the data be backed up in an accurate and secure manner, but it must also be ensured that it can be successfully loaded back into the system when recovery is needed.
- 2) Establish permissions.
- Both the operating system and the server provide protection against data loss due to employee activities. Servers allow users to be assigned different levels of permissions based on their roles and responsibilities within the organization. "Administrator" access should not be provided to all users. This is not a best practice for maintaining a secure environment. Instead, a "least-privilege" policy should be developed, and the server should be configured so that each user can use only specific programs and clearly Define user permissions.
- 3) Encrypt sensitive data.
- Encrypting data means converting it to a format that can disguise the data. Encryption is used to ensure confidentiality and integrity when data is stored or moved across a network. Only those authorized users who have tools to decrypt encrypted files can access them. Encryption complements other access control methods and provides an additional layer of protection for data on computers that are easily stolen, such as laptops, or files shared on the network.
- Combining these three approaches should provide most businesses with the level of protection they need to keep their data secure.
- Intranet is basically based on broadcasting technology
- TOPSEC
- Chinasec (Anyuan) intranet security management platform and Chinasec (Anyuan) mobile security management platform
- Data Security Protection System Rising Kingsoft Internet Security
- Jiang Min
- Kaspersky
- Norton
- NOD32
- 360 Security Guard
- Active defense
- Twister Anti-TrojanVirus
- avast!
- McAfee
- F-Secure AntiVirus
- PC-cillin
- AVG Anti-Virus
- Hongan DLP