Last week, I talked about maintaining Data Privacy within an Audit Trail. In this article I take a look at the wider aspects of maintaining data security.
While not the first thing that comes to mind when discussing data security, it is nevertheless just as important to consider what data you are storing. In fact, this forms one of the cornerstone principles of GDPR: a system should not store more than is absolutely necessary to fulfil its role. This might seem to be more about overreach than security, but it adds to security too. Simply put, in the unthinkable event of a data breach, information that isn’t on the breached system cannot be stolen.
Maintaining Data Security in Software Systems
Any system that contains personal information must be secured by a suitable login process and access rights.
How accessible the system is to outside users, and the sensitivity level of the stored information will dictate how complex the login process might be:
- Consider a system that cannot be accessed outside of a business premises and that stores nothing more sensitive than names and addresses. In this case a password or NT Authentication based login might be sufficient.
- Now consider a bank’s website that is publicly accessible. Such a system not only stores sensitive financial information but allows a user to move funds out of an account. In this situation multi-factor authentication would not be considered excessive.
Having a secure login is only part of the story. There are two other factors to securing a system:
- Ensuring all traffic is secure,
- And compartmentalising user access.
Maintaining Data Security in Network Traffic
Network traffic must be secure or, more simply put, encrypted. This is especially true of publicly accessible systems. It is now widely accepted that even the simplest of websites should be served over HTTPS. But even internal networks can be breached, so it is advisable that any network traffic containing sensitive information is encrypted. Databases support encrypted protocols too. There is little point in ensuring that data transferred between an intranet server and an internal user is secure if the same information is transferred in plaintext from the database to that server.
Maintaining Data Security through User Access
User access should be governed by a comprehensive access rights system. This ensures that no one has access to information they do not need to see. It makes sense to incorporate access controls in the software being used, so that relevant sections of the software can be hidden from the user. This also allows appropriate error messages to be displayed if a user tries to circumvent these measures. However, if a system uses a separate database login for each user, then it also makes sense to use database-level permissions to control access as well. This prevents a tech-savvy user, or a hacker who has gained access to a user account, from directly querying the database for all of its information.
All these measures count for nothing if a hacker gets hold of a user’s login credentials, especially if that user is cleared for far-reaching access to sensitive data.
A responsible company has a duty to educate its users in keeping their credentials secure. This includes teaching users the following:
- To be aware of phishing scams.
- Good password policy – don’t use the same password everywhere, change passwords regularly, don’t share a password, and don’t write down a password.
- When to avoid connecting to a sensitive system – avoiding public networks, and making sure no one can see a password being entered.
- Always lock a system when not using it.
When Things Do Go Wrong
With all the best will in the world, and all the measures above, data breaches can still happen. When they do, a data processor has the responsibility to notify the people whose data has been breached and the relevant authorities. But how does a company know if there has been a breach? There are a number of measures that can be taken at both the network level and the software level. Access to a system should be logged, and this should include:
- Who accessed the system – which user credentials were used.
- What was accessed.
- When the access took place – start of access and duration.
- Originating IP address of the access – and MAC address if available.
Armed with this information, monitoring systems can be set up to watch for anomalous access:
- Access to a part of the system that the user wouldn’t normally go to?
- A login at an unusual time for a given user?
- A connection to the system from an unrecognised IP address or MAC address?
Any of these things can raise a red flag for further investigation. It might be something as innocuous as a member of staff catching up on some work from home in the evening. But it could be an indicator of a data breach.
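As an added illustration of the logging fields and anomaly checks listed above (example code written for this article, not part of the original), the following Python script replays a constructed access log and flags each entry that departs from what that user has done before. The comma-separated log layout and the three-entry minimum history are assumptions made for the example.

```python
from datetime import datetime

# Constructed access log (not a real product format): user, section accessed,
# start time, duration in seconds, originating IP address.
SAMPLE_LOG = """\
alice,invoices,2024-03-04T09:12:00,540,10.0.0.12
alice,invoices,2024-03-05T10:03:00,600,10.0.0.12
alice,invoices,2024-03-06T09:48:00,480,10.0.0.12
alice,invoices,2024-03-07T10:20:00,300,10.0.0.12
alice,payroll,2024-03-08T23:41:00,1800,203.0.113.7
"""

def parse_record(line):
    """One log line holds the fields the article says should be recorded."""
    user, section, ts, dur, ip = line.split(",")
    return {"user": user, "section": section, "ip": ip,
            "when": datetime.fromisoformat(ts), "duration": int(dur)}

def build_baseline(history):
    """What this user has done before: sections, source IPs, hours, longest session."""
    return {"sections": {r["section"] for r in history},
            "ips": {r["ip"] for r in history},
            "hours": {r["when"].hour for r in history},
            "max_duration": max((r["duration"] for r in history), default=0)}

def flag_anomalies(record, base):
    """Reasons this access deviates from the baseline; empty list means nothing unusual."""
    reasons = []
    if record["section"] not in base["sections"]:
        reasons.append("unusual section: " + record["section"])
    if record["when"].hour not in base["hours"]:
        reasons.append("unusual hour: %02d:00" % record["when"].hour)
    if record["ip"] not in base["ips"]:
        reasons.append("unrecognised IP: " + record["ip"])
    if record["duration"] > 2 * base["max_duration"]:
        reasons.append("unusually long session: %ds" % record["duration"])
    return reasons

def review(text, min_history=3):
    """Replay the log, judging each access only against that user's earlier entries."""
    records = [parse_record(line) for line in text.strip().splitlines()]
    flagged = {}
    for i, r in enumerate(records):
        history = [h for h in records[:i] if h["user"] == r["user"]]
        if len(history) < min_history:
            continue  # too little history to say what is normal for this user
        reasons = flag_anomalies(r, build_baseline(history))
        if reasons:
            flagged[i] = reasons
    return flagged
```

Each flagged entry carries every reason it tripped, so an investigator can tell a single odd working hour from a late-night login to a new section from an unknown address.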
I have tried to cover many of the more common and straightforward security measures here. However, there are more measures that can be used in maintaining data security than the ones I have gone into.
SAMWare UK creates bespoke solutions and websites. Contact us to arrange a chat to discuss your needs and for a free no obligation quote.