Data security

From Wikipedia, the free encyclopedia

It has been suggested that this article or section be merged into Information security. (Discuss)

This article does not cite any references or sources. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (October 2008)

Data security is the means of ensuring that data is kept safe from corruption and that access to it is suitably controlled. Thus data security helps to ensure privacy. It also helps in protecting personal data.

Contents 1 Data Security Technologies 1.1 Disk Encryption 1.2 Backups 1.3 Data Masking 1.4 Data Erasure 2 International Laws and Standards 2.1 International Laws 2.2 International Standards 3 See also

[edit] Data Security Technologies

[edit] Disk Encryption

Disk encryption refers to encryption technology that encrypts data on a hard disk drive. Disk encryption typically takes form in either software (see disk encryption software] or hardware (see disk encryption hardware). Disk encryption is often referred to as on-the-fly encryption ("OTFE") or transparent encryption

[edit] Backups

Backups are used to ensure data which is lost can be recovered

[edit] Data Masking

Data Masking of structured data is the process of obscuring (masking) specific data within a database table or cell to ensure that data security is maintained and sensitive customer information is not leaked outside of the authorized environment.

[edit] Data Erasure

Data erasure is a method of software-based overwriting that completely destroys all electronic data residing on a hard drive or other digital media to ensure that no sensitive data is leaked when an asset is retired or reused.

[edit] International Laws and Standards

[edit] International Laws

In the UK, the Data Protection Act is used to ensure that personal data is accessible to those whom it concerns, and provides redress to individuals if there are inaccuracies. This is particularly important to ensure individuals are treated fairly, for example for credit checking purposes. The Data Protection Act states that only individuals and companies with legitimate and lawful reasons can process personal information and cannot be shared.

[edit] International Standards

The International Standard ISO/IEC 17799 covers data security under the topic of information security, and one of its cardinal principles is that all stored information, i.e. data, should be owned so that it is clear whose responsibility it is to protect and control access to that data.

The Trusted Computing Group is an organization that helps standardize computing security technologies.

[edit] See also

• Comparison of disk encryption software
• Disk encryption
• pre-boot authentication
• Security Breach Notification Laws
• single sign-on
• smartcard
• Trusted Computing Group
• Blancco
• Secure USB drive
• Data Masking
• Data Erasure