3.3-3.4 data protection strategies, resilience/recovery in sec architecture

Regulated

• Data that is managed by a third party

• should follow government laws

Trade secret

An organization’s secret processes only known to the organization

Intellectual property

• Data that may be publicly visible

• Copyright and trademark restrictions

Data classifications from least to most restricted

Sensitive, Confidential, Private/Classified, Public/Unclassified

Sensitive Data

Intellectual property, PII (personal identifiable info), PHI (protected health info)

confidential

Very sensitive, must be approved to view

private/classified

restricted access, many require an NDA

Critical data

• Data should always be available

• Should create processes and procedures to maintain uptime of data

Data at rest

• Data on a storage device

  Ex. Hard drive, ssd, flash drive, etc.

How do you encrypt data at rest

Whole disk encryption, database encryption, file encryption, etc.

Data in transit

Data transmitted over the network

How do you encrypt data in transit?

Firewall, IPS, TLS, IPsec

Data in use

data is actively processing in memory

Data Soverignty

Data is that resides in a country is subject to the rules in that country

Geolocation

Determining the physical location of a device, user, or object using various data sources such as GPS, Wifi signals, IP addresses, etc.

Geofencing

Automatically restricting or allowing access when the user is in a particular location

Difference between load balancing and clustering

• In load balancing the servers are unaware of eachother compared to clustering

Geographic Dispersion

Backup sites should be in geographical distinct location (due to natural disasters that can affect a large area)

Platform Diversity

• Using many different platforms instead of solely using one because every OS contains potential security issues

• Spreads the risk around/limit exposure to risk

Multi-Cloud Systems

• Have many cloud providers just incase if there is an outage for one, you can have similar services available in the other 

Continuity of Operations Planning (COOP)

• Used when technology as a whole isn’t available and you need an alternative 

• Ex. manual transactions, paper receipts, etc

Tabletop exercise

A discussion where team members talk through their actions in a simulated disaster to test and improve their emergency plans

Fail over

Automatically switching to a backup system when the primary one fails, ensuring continuous operations and minimal downtime

Parallel Processing

• Splitting a process through multiple CPUs

• Ex. A single computer with multiple cpu cores

On site backup

• No internet link is required

• Data is immediately available

• less expensive than offsite

Off site backup

• Need to transfer data over Internet or WAN link

• Data is available after a disaster

• restoration can be performed from anywhere

Snapshot

• an instant backup of an entire system with the click of a button

• saves the current configurationn and data

Replication

An ongoing backup (updates every few minutes) that is real time

Difference between generator and UPS

A generator provides long-term backup during extended power outages, a UPS is for short term