Integrity in Data Systems

https://incyberdefense.com/editors-picks/security-fundamentals-integrity-in-data-systems/ (Links to an external site.)

By Edward J. Hawkins, II

This article talked about the proper integrity of data, and how it applies to the goal of security involving that data. Data Integrity is basically keeping data from being compromised by unauthorized users. Once data has been breached it is no longer considered honest data. The security of data is an obvious issue and the article discusses a couple solutions that were taken from the Information Assurance Handbook written by Cory Schou and Steven Hernandez. The first solutions discussed was adding a mathematical value by adding a hash tag to the integrity of the data. The second solution was basically creating a system that authorizes and records when data is being manipulated. Next the subject on the difference between confidentiality and integrity came up, saying how confidentiality has a way to encrypt its data so the owners know its integrity is not compromised. The implementation of integrity is supposedly a difficult task to do and takes a lot more work than keeping data confidential. On the down side of confidentiality though, if someone that has access to the confidential data and manipulates that in a harmful way then the confidentiality is of no use. The idea here is to keep the integrity of data from all unauthorized users, even from people that may have access to data that is only confidential.

I believe i can use this article to my advantage by being aware that insider threats are an issue, and that internal encryption will not always be the answer. The article discussed an automated software that can constantly monitor and check on the integrity of your data.

Organizations can and should be creating a sort of plan and policy around this. creating a training course for their employees and teaching them the proper way to be securing the integrity of their data, not just encrypting it. Organizations could make this into a normal practice for their employees, which in turn could also make a possible threat to the company think twice about trying something.