Part 1: Protect your data without a user revolt
Another Data Breach due to stolen information stored on a corporate device has been reported and data protection gets its marching orders to the top priority of IT Policy. And how many data breaches are left unreported? The importance of the security and governance of corporate data has become a major consideration upon IT Policy Managers. Yes, sensitive data is always stored on corporate devices no matter what process is used to perform business activities. Data will always be left on the device in one form or another. This data must be protected for the confidence of performing productive operations out in the big open field.
- But how should the data be protected?
- And who should access this data?
- How reliable is the integrity of the protected data?
- What happens if the data becomes inaccessible due to device failure?
Protection of data is no trivial task…
Our series of blogs will provide you with an invaluable insight into the importance of the security and governance of corporate data, build an arsenal of information that will give you the opportunity to help boost your business and give you competitive edge over your rivals.
Part 1: How do we Protect Data?
All sensitive corporate data must be protected from unauthorised use, but what does this mean to the contents of the data? An authorised user should maintain the ability to retrieve data and turn it into Information, any other attempted access to data results in a lot of noise. But this poses two more questions: what is an authorised user and how is one recognised? What is information and what is noise? Well these two questions may as well be mixed together; what is an informed user and who are these noisy users?
In order to avoid compromise, any useful information managed within an organisation should be transferred internally as noisy useless data. But how can useful information be turned into useless noisy data, yet still become useful to an authorised user? A process must be used which can represent information as a collection of useful bits and bytes of data. Details of this process can be left to a future discussion.
Data is transformed to a noisy representation of bits and bytes using computations, which can then be reversed to convert back to useful information. The action of converting useful data to noisy data and then back again is known as encryption (and then decryption to convert back). So the first step to protect data is to use encryption.
But what is stopping anyone from retrieving the noisy data and converting it back to useful information?
Look out for our next blog – “Part 2: The use of encryption algorithms.”