The UK government, quoted on the Information Age website, recently reported that the financial risk to small businesses' data assets doubled between 2014 and 2016. This threat is particularly dangerous for SMEs and startups because they have limited ability to absorb the financial losses that can result directly from data breaches.
Fortunately, the options are better than they were even a few short years ago. Protection has to be robust and flexible and meet the requirements to encapsulate data now and into the rapidly evolving future. The priority is shifting away from network-centric data protection toward an approach that focuses more directly on the data itself.
The trend in data protection heads in a predictable direction, toward a layered defense of the data assets at the source. The following list of data protection principles and solutions maps out the path that data security is taking now and in the next few years.
These are the principles to consider in designing secure data systems. Along with each principle, the list includes the current thinking on what is or could potentially develop as the best practice in response to the threats of criminal data breaches.
Principle #1: No content without context – Data should remain in a protected environment at all times, which means making it context dependent; it should be of no use without the proper authorization in sanctioned operations.
Solution: Network-centric environmental protection that employs firewalls and encrypted tunnels, directly in the operating system and applications.
Principle #2: Protection directly at the data source – A data protection system that is too remote from the source invites too many avenues of attack.
Solution: Create containers that keep the data encrypted anytime it is not directly in use.
Principle #3: Consistent information lifecycle security – Ensure consistent security throughout the information lifecycle.
Solution: Label data with metadata tags that describe its attributes without decrypting it and provide a handle for consistent data management.
Principle #4: Put hardware at the core of certification – Limit the software surface area that is vulnerable to attack.
Solution: There must always be a hardware-based trust root certification as the basis to identify users and data access.
Principle #5: Apply rules and validation – The next level would be a signature code that validates the integrity of the system environment.
Solution: Centralize the authorization for access to data to control which users can access the data. Separate the functions that decide access from those that enforce it.
Emerging solution: Portable rules engines that travel with the data and determine authorization when it resides in virtualized environments beyond the control of the system.
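An added sketch (not from the original article or any product) of Principle #5's split between the function that decides access and the function that enforces it, with decisions made from the metadata tags of Principle #3 rather than from the payload. The deny-overrides combining and the Permit/Deny/NotApplicable results are modelled loosely on XACML; the rule contents, attribute names, and sample subjects are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Callable

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"

@dataclass(frozen=True)
class Rule:
    effect: str                                   # PERMIT or DENY
    matches: Callable[[dict, dict, str], bool]    # (subject, tags, action)

class DecisionPoint:
    """Decides only: sees subject attributes and metadata tags, never the payload."""
    def __init__(self, rules):
        self.rules = list(rules)

    def decide(self, subject, tags, action):
        decision = NOT_APPLICABLE
        for rule in self.rules:
            if rule.matches(subject, tags, action):
                if rule.effect == DENY:
                    return DENY                   # deny-overrides: a matching Deny wins
                decision = PERMIT
        return decision

class EnforcementPoint:
    """Enforces only: guards the stored containers, contains no policy logic."""
    def __init__(self, pdp, store):
        self.pdp, self.store, self.audit = pdp, store, []

    def read(self, subject, name):
        tags, container = self.store[name]
        decision = self.pdp.decide(subject, tags, "read")
        self.audit.append((subject["id"], name, decision))
        if decision != PERMIT:                    # fail closed on Deny and NotApplicable
            raise PermissionError(f"{name}: {decision}")
        return container

# Constructed sample policy, tags and subjects (all names are assumptions).
RULES = [
    Rule(PERMIT, lambda s, t, a: a == "read" and s["dept"] == t["owner_dept"]
                                 and s["clearance"] >= t["sensitivity"]),
    Rule(DENY, lambda s, t, a: t["pii"] and not s["attested_device"]),
]
STORE = {"payroll": ({"owner_dept": "finance", "sensitivity": 2, "pii": True},
                     b"<opaque encrypted container>")}
PEP = EnforcementPoint(DecisionPoint(RULES), STORE)
ALICE = {"id": "alice", "dept": "finance", "clearance": 2, "attested_device": True}
BOB = {"id": "bob", "dept": "finance", "clearance": 2, "attested_device": False}
CAROL = {"id": "carol", "dept": "sales", "clearance": 3, "attested_device": True}
```

Calling `PEP.read(ALICE, "payroll")` returns the container, while the same call for `BOB` or `CAROL` raises `PermissionError`; every decision is appended to `PEP.audit`.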
The final component will be to industry-standardize security architecture (for which the primary contender is OASIS XACML) summarized in the following points: