In the modern day world, security for files is crucial, as they may contain personal information and critical information. Risks are posed from both internal and external threats. Internal may consist of unhappy employees, mistakes or social engineering. External come from black hat hackers, but internal is usually the more common.
This topic covers:
Data and file protection
Cryptography / Encryption
Comparison of methods
Protection of files and data
There are multiple ways for a company to protect their data and to do so they must incorporate policies. This could include:
Having different access rights, by allowing certain users to only read and write to certain files and not others, reducing the chance of internal threats
Each user should be instructed to have a complex password and suggest changing it every few weeks
These passwords should not be written down in books, notes etc.
Hard copies of any file should be disposed of correctly, by shredding and then using a special service to dispose of it
Workstations should be locked when not in use
This is also known as encryption and involves the jumbling of letters of plain text into cipher text using a key, where it cannot be understood unless unjumbled (decryption) via the same key. It can be traced back as far as Julius Caesar, who used the Caesar cipher to encrypt his messages. His key involved moving each letter in the alphabet forward a certain number of places, with the number of places being a key. For example, with a key of 2, ‘ABC’ would become ‘CDE’.
Encryption never used to be too common, but is now crucial when communicating online and is becoming more and more complex, as computers are cracking keys faster. There are 2 main types of encryption – symmetric and asymmetric encryption.
This is where decryption involves just reversing the encryption process. Taking the Caesar cipher as example, if each letter was moved forward 3 spaces, then the reverse would be moving back 3 spaces.
The advantage is that they are very fast to set up and easy to put into practice. Every encryption before around 1975 was of this type, before they were changed. This is because they are extremely easy for a computer to crack, often in a matter of minutes, which makes them unreliable, unless an incredibly complex key is used.
This type means that even if someone has the encryption key, they cannot decrypt the data. They are incredibly difficult for computers to crack and are very useful for communicating online.
If someone wants to send another person a message, then they can publish their encryption key online and have the other person encrypt the message using that key. However, only that person will know the decryption key, meaning that even if the encrypted data and encryption key is found, the data cannot be decrypted.
Comparing Cryptographic methods
When comparing, the main thing taken into account is how difficult the encryption is to break. The father of information history, Clause Shannon, defined what makes up a good cipher.
Should work on all data types
The higher the secrecy, the more difficult he key should be to crack
The algorithm should be made as simple as it can be to avoid errors
If an error occurs, it should not affect the whole message
The size of the encrypted text should not be larger than the original.
Cracking The Key
When attempting to decrypt something, the aim is to find the decryption key. One option for this is brute force, where the attacker attempts to use every possible key until the correct one is found. This is extremely ineffective and takes a long time, but is the most common method for hackers.
Another method is statistical analysis. Say the encrypted text had:
20 T’s, 7 C’s, 9 A’s, 4 R’s and 6J’s.
We can use the fact that some letters are far more common in English than others and then use this in comparison to the cipher text.
In this example, the most common letter is a T. The most frequent letter in English is the letter ‘E’, occurring over 10% of the time. Hence, we can propose that the letter T in our cipher text could be the letter E. You can then attempt to figure out the key by determining keys that would result in this letter change. However, this method is still ineffective as it would still take a long time to determine all possible keys – it would best work on an encryption method like the Caesar cipher.
The most common method for encryption is using a logical operation, like XOR on the original text along with the key. Click here to read more on this method. To break these, brute force is required. You can tell the difference a strong encryption makes, as one with a 56-bit key would take a few days to crack, whereas 128-bit would take millions of years.
Biometric data is the measurements and metric of a human’s unique characteristics. The most common measurements are the face, finger prints, retina scans, DNA and palm prints and they are often found in modern smartphones. This effectively makes the person the key to access data.
For fingerprints, the scanner detects the tiny ridges and valleys in a person’s finger, which is unique for every human. This means that the scanner cannot be fooled by a print of the person’s finger, as it would not detect these ridges and valleys.
Facial recognition works by working out the distances between the person’s eyes, jaw, nose and cheekbones are and comparing it to the measurements needed to access the data. Some more modern devices build a 3D model of the persons face, but this is only really accurate when facing the scanner face on, which is why airport security ask you to look straight ahead for your passport photo.
Has potential to be far more secure than the common typed passwords as it is extremely difficult to replicate biometric data
Biometric data cannot be lost, forgotten, or stolen
Social engineering (more on this later) cannot be used to obtain your biometric data
Queuing system times can be reduced, as you need only look / press, rather than type an entire password/ pin.
Lack of reliability, may take multiple tries for a system to recognise the data
Peoples biometrics can change over time, due to ageing, conditions, r even the weather / moisture levels (for fingerprints)
Some people have concerns over how their biometric data is shared between companies, as well as it's true purpose. An example is shopping centres using facial recognition to see what we are buying and then targeting our phones with ads related to that same kind of thing.
There are many risks when it comes to computer technology, especially with personal information and security information. Therefore, many companies follow a plan that is carried out should a 'disaster' happen. A disaster can be :
A natural disaster, like an earthquake or flood, that can destroy the computers holding crucial information
Server failure, leading to complete loss of that servers information
An attack, like a hacker attempting to gain unlawful access to information, either to remove it, or distribute it themselves.
The plan is called a Contingency plan, and it is important to recognise what and how data is stored, as well as how each piece of stored data affects another, but most importantly, how data recovery will be enacted following a disaster. Here follows some ways a company / business can recover their data :
Involves making duplicates of data that can be used to recover the copy of the data, if a file/data is lost or corrupted. All data is copied to a second storage space (e.g. magnetic tape, or CD-ROM) and then stored in a different, safe location.
This is the removing of inactive data from a computer system. This includes data
that is no longer needed (e.g. invoice data from a previous year, or a past students account information at a school) The data is identified and then deleted. Redundant data will slow down/fill up a system. This is fairly infrequent though, as the law usually states that past data should be kept for around 7 years before it can legally be removed.
Redundant servers can exist, activating is the main server fails. They are usually kept off-site or offline until the disaster happens.. The plan needs to be tested and executed to ensure everything works as it should. It should also change over time, just as the business grows and expands in different areas.