Domain 3: Compare and contrast concepts and strategies to protect data Flashcards
Personally Identifiable Information (PII):
PII is data that is unique to a person, for example, their social security number, biometric data, driving license number, employee records, mobile phone number, or email address.
Protected Health Information (PHI)
PHI is health data that is unique to a person, such as their medical history, including diseases and treatments and various test results, such as MRI scans or X-rays.
Financial data
This is data related to electronic payments, including bank account details, credit card information, and transaction records, and is subject to financial regulations and laws, such as those related to consumer privacy, anti-money laundering, and fraud prevention, including monitoring of payments and defaults.
Trade secrets
Trade secrets include confidential business dealings that provide a competitive advantage. Protecting trade secrets requires a combination of legal and technical measures: legal measures include Non-Disclosure Agreements (NDAs) and employment contracts, while technical measures involve restricting access to trade secret information and monitoring data flows.
Proprietary data
Often overlapping with IP or trade secrets, proprietary data is data generated by a company, and can also include research or product development work.
Human-readable data
This is information that can be easily understood by humans, such as text, images, and audio. This data is then encrypted for security.
Non-human-readable
This data includes binary code, machine language, and encrypted data. To protect non-human-readable data, cryptographic algorithms, secure key management, and secure hardware modules are essential to safeguard sensitive information.
General Data Protection Regulation (GDPR)
EU laws guarding personal data rights and privacy in the digital realm.
Health Insurance Portability and Accountability Act (HIPAA)
U.S. regulations securing the privacy of health information.
California Consumer Privacy Act (CCPA)
California legislation empowering consumer data rights and privacy.
Sarbanes-Oxley Act (SOX)
U.S. law ensuring financial transparency and accountability for public companies.
Gramm-Leach-Bliley Act (GLBA)
U.S. act imposing privacy and security rules on financial institutions.
Sensitive data
Sensitive data, often referred to as “privileged information,” encompasses any information that, if exposed, could lead to harm or undesirable consequences for individuals or organizations. It is a treasure trove
Confidential data: Research and Development (R&D
confidential data as disclosure would cause damage to the company. They have strict legal protection, an example of which is attorney-client privilege. Access to confidential data typically requires authorization or special permission.
Critical data
This is data that is critical for the running of the organization, such as backups or encryption keys, that could cause operation failure if corrupted or lost. It could also be classified and encrypted to prevent an outside party from accessing it.
Private data
Private data is data that an individual does not want to disclose. It is data that is not meant for public consumption and is typically kept within a restricted circle of trust and that, if exposed, could cause critical damage.
Restricted Data
Restricted data, also known as “confidential” information, signifies data that should have limited access and necessitates heightened security measures. It implies specific, often more stringent, limitations or conditions on how the data can be used, distributed, or accessed. Restricted data might include information that not only requires authorization for access but also has legal, regulatory, or policy-imposed constraints on its use.
Public data
This is data that is available to anyone, such as yesterday’s news, leaflets, or brochures that have been distributed everywhere.
Geolocation
Geolocation assists security teams in identifying the geographic/physical origins of a request for data or user authentication. Its purpose is to help verify the legitimacy of access requests by confirming whether the user or device is in an expected location. This is particularly important for online banking, two-factor authentication, and remote access to secure systems.
Geographical restrictions
Geographic restrictions limit data access to users or devices based in a specified region. This approach is valuable for ensuring data compliance with specific jurisdictional regulations. However, it may pose challenges for remote work and global collaborations.
Hashing
Hashing converts data into a fixed-length string of characters. It is a one-way function and cannot be reverse engineered. Hashing is used to securely store passwords in databases, but its main purpose is to ensure data integrity.
Permission restrictions
Permission restrictions control who can access and modify data according to user roles and privileges. This strategy ensures that only authorized personnel can interact with sensitive information.
DATA MASKING
Data masking, akin to wearing a mask for anonymity, involves disguising sensitive data by replacing original values with fictitious ones. This technique is crucial for creating safe testing environments and sharing data for analysis without compromising privacy.
XOR DATA MASKING
Exclusive OR (XOR): XOR is a logical operation that works by comparing two binary values (typically bits, that is, 0s and 1s) and producing an output based on a specific rule:
If the two input bits are the same (both 0 or both 1), XOR outputs 0.
If the two input bits are different (one is 0 and the other is 1), XOR outputs 1.
Supervisory Control and Data Acquisition (SCADA)
systems are sophisticated automated industrial control systems (ICS) that encompass various stages of production.
SCADA systems run on
The SCADA system runs on the same software as client computers and is vulnerable to the same threats.
Four phases of SCADA (Level 0)
Plant Level (Level 0): This is the lowest level in the SCADA system hierarchy. It includes the physical equipment and processes on the factory floor, such as sensors, actuators, motors, pumps, and other industrial devices. These devices gather data and perform actions as directed by the higher-level controllers.
SCADA level 1
Controller Level (Level 1): This level is responsible for the real-time control of the physical processes. It includes devices such as Programmable Logic Controllers (PLCs) that receive input from sensors on the plant floor, process the data, and send commands to actuators and other devices to control the industrial processes. Level 1 controllers ensure that the plant operates efficiently and safely.
SCADA level 2
Coordinating Computer Level (Level 2): At this level, there are supervisory computers or Human-Machine Interface (HMI) systems that provide a centralized view of the plant’s operations. They collect data from Level 1 controllers, display it to operators, and often include control functions for higher-level coordination. Operators can monitor the plant’s status, make adjustments, and respond to alarms and events.
SCADA level 3
This level is responsible for managing and controlling the overall production process. It often involves more advanced software systems that can coordinate multiple production lines or areas within the plant. Level 3 systems may also include functions such as recipe management, production scheduling, and data logging for analysis and reporting.
Real-time operating systems
At its core, an RTOS is a specialized OS designed for applications for which timing is of paramount importance, such as light control or navigation systems, where everything happens in real time.
Embedded systems
Embedded systems are specialized computing systems designed for specific tasks within a broader system or product.
Annualized Loss Expectancy (ALE)
This is calculated by taking the SLE and multiplying it by the ARO and represents the total expected loss per year, providing a foundation for insurance and risk management decisions.
ECC/RSA/DSA
How does ECC compare to RSA and DSA? The biggest difference between ECC and RSA/DSA is the greater cryptographic strength that ECC offers for equivalent key size. An ECC key is more secure than an RSA or DSA key of the same size.