How to secure data on disk drive

1
How to secure data on disk drive

• By
• Amita Kohli

2
Agenda

• Why data is so important to the organizations
• Reasons for data protection
• what are different ways by which data can be
  protected

3
Introduction

• why data ?
• Data is important asset to the company
• Most valuable
• Must be safeguard properly

4
Reasons to protect data

• Fear of financial loses
• Spate of regulations
• Productivity

5
What if ?

• Disk is lost
• Disk is stolen
• Someone makes a copy of the disk while the disk
  is connected

6
Encryption anywhere hard disk offers

• Full disk encryption the software encrypts
  every sector on a computer including temp files,
  sys files e.t.c
• Centralized Mgmt control over hard drive
  encryption settings, password setting, auditing
  and enforcement of information security policies
• Access control for local and network resources
  using pre-windows authentication
• Robust recovery options, authenticate check,
  password recovery

7
Different ways to protect data

• Back up early and regularly
• Use file level and share level permissions
• If the data is on
• Network use share permission
• Computer is shared use file
  permission
• Password protection documents
• Many applications allows to set password

8
Contd

• Not reliable
• Many vulnerabilities in the applications
• password easy to crack
• Use EFS encryption
• Win2000 , WinXP pro , Win2003 server supports EFS
• Built-in-certificates encryption methods helps
  to protect files and folders
• EFS enables encryption and decryption of files by
  using standard cryptographic algorithms.
• uses combination of symmetric and asymmetric
  encryption for both security and performance

9
Contd

• Advantages
• users cannot access hard disk without going
  through file system
• Transparent to users and easy to manage
• Provides better security
• Email encryption
• encrypting your email communication
• digital certificates is the technique
• Benefits
• Helps to keep the junk mails away

10
Contd

• Disk encryption
• PGP ("Pretty Good Privacy") is the most widely
  recognized public key encryption program in the
  world. It can be used to protect the privacy of
  email, data files, drives and instant messaging
• Key pair and symmetric are the technique
• PGP is also used for authentication
• PGP can be used on most desktop computers as well
  as larger systems. Typically it is used on the
  command line to encrypt or decrypt files which
  will be moved to another mail program.

11
Contd

• Make use of public key infrastructure system
• Its the system that manages public and private
  key pairs and digital certificates and are issued
  by the third party
• Stronger in security
• ways to encrypt
• Public key- can be made publically or reveal to
  known ones
• Private key- meant for you

12
Contd

• Hide data with steganography
• The data is encrypted first with encryption
  software and then hidden in to another file with
  the help of steganography software
• Steganography techniques either uses secret keys
  or public/private keys
• E.g. for steganogrphy software
• StegoMagic this will encrypt data and hide them
  in .TXT , .WAV or .BMP file

13
Contd

• Protect data in transit with IP security
• Data can be in hands of a hacker in its
  transition period.
• Encapsulation security payloads (ESP) uses IPSEC
  protocol to encrypt data for confidentiality

14
Contd

• Secure wireless transmission
• Subjected to interception
• Its more hard to manage
• Preferred to use WPA than WEP

15
Contd

• Use rights Management to retain control
• user can set rights like
• Read only
• Read write
• Modify etc to control from losing it.
• Can also set the TTL for the message

16
Conclusion

• Agenda covered
• Resource
• www.insight.ZDnet.co.uk
• ANY ???