Data security and encryption Flashcards
What is encryption?
A method of encoding information in such a way that only authorised parties can access it and those who do not have access cannot
It does not prevent theft, but does deny intelligible content from the interceptor
Plain text (intended information or message) is encrypted using an encryption algorithm, a cipher, which can only be read if decrypted
What are the 2 types of encryption?
- Private (symmetric) key encryption
Communicating parties must have the same key in order to achieve secure communication
e.g. Advanced Encryption Standard (AES) - stronger keys: 128/192/256-bit keys
- Public key encryption
a. The encryption key is published for everyone to use and encrypt messages
b. Only the receiving party has access to the private key, so only they can decrypt the message
What is PGP?
Pretty Good Privacy
Encryption program that provides cryptographic privacy and authentication for data communication
Used for signing, encrypting and decrypting
a. Texts
b. Email
c. Files
d. Directories…
What are the 6 steps in PGP?
- Generate a random key
- Use random key to encrypt data
- Use the receiver's public key to encrypt the random key
- Send encrypted data and encrypted key to receiver
- Receiver decrypts the random key using the private key
- Receiver decrypts the data using the random key
What is the NHS England information security policy?
Security policy to outline how NHS organisations comply with GDPR and other legislation to ensure confidentiality and covers the behaviour of individuals that manage information on behalf of NHS England
Aims to preserve:
- Confidentiality
a. Access to data shall be confined to those with the appropriate authority
- Integrity
a. Information shall be kept complete and accurate and free from corruption or modification. Inaccuracies can be accidental (e.g. programming error) or malicious (breaches or hacks)
- Availability
a. Information shall be kept available and delivered to the right person at the time when it is needed
What are the roles and responsibilities defined in the NHS England’s information security policy?
Chief exec- ultimate responsibility for information security
All staff- responsible for information security and must understand and comply with this policy
What should all mandatory data security awareness cover?
- What information they are handling and how this should be handled
- What procedures or SOPs exist for data sharing
- How to report a suspected breach
- Their responsibility for raising concerns
What are the requirements of the policy that all trusts must implement? (max 12)
- Access control
a. Physical access to areas- must show business need for access
- Computer access controls
a. Must show business needs
- Equipment and safety
a. All electronic equipment shall be identified, registered and protected from physical/environmental hazards
- Computers and networks
a. Management/changes will be documented
- Information risk assessment
a. Must be completed annually at a minimum
- Information security events and weaknesses
a. All security events, near misses and suspected weaknesses should be reported to the head of IT and incidents should be reported to NHS England
- Protection from malicious software
a. IT shall use software counter measures and manage processes or procedures to protect itself from malware
b. Users shall not install software onto the organisation network without permission
- Removable media
a. All removable media will be encrypted
- Monitoring system access and use
a. An audit trail is required of all access and staff data use which shall be maintained and reviewed
- System change control
- Disaster recovery plans
a. Must be implemented and align with ISO22301 best practice
- Training and awareness
What is a firewall?
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined rules
Establishes a barrier between a trusted internal network and an untrusted external network, such as the internet
What 5 practices do security professionals use to ensure data integrity?
- Encryption
- Data back ups
- Access controls- assignment of read/write privileges
- Input validation to prevent incorrect data entry
- Data validation, to certify uncorrupted transmission (check sum)
What is a checksum?
A checksum or hash is a sequence of letters and numbers of a fixed length which is used to represent a file. The hash is unique and the hash can be compared to see if any changes have occurred during file transfer
How would you use a check sum to ensure integrity of a file transfer?
- Use command- md5sum
- transfer file- mv
- cd into destination
- calculate checksum
- compare
Name the different checksums and the benefits of using larger checksums?
MD5, SHA-1, SHA-256
The SHA-256 hash is much larger, which reduces the chance of collisions (where two different files have the same hash). A hacker could use this technique to disguise the file as a legitimate file.