Lead Image © Andrea Danti, 123RF.com

Data security vs. data protection

Unequal Pair

Article from ADMIN 49/2019
Data protection and data security are similar-sounding aspects of information security: one legal and one technical.

Data protection and data security are often mentioned in the same breath and are closely linked. In this issue, I focus on the contrasts between the two and show the pitfalls in combining the technical and legal aspects of IT security.

Data security describes the practical protection of data through technical security and monitoring measures. In this understanding, "data" means all data assigned to the domain of a person or organization. The existing data must be protected against various threats, taking into consideration the classical protection goals of integrity, availability, confidentiality, and assignability.

Data integrity means that stored data is not altered without authorization and without being noticed. One way to ensure integrity is to use versioning in combination with checksums. Availability is a data security component because access to data must be guaranteed. In practice, availability periods can define when the stored data can be used and new data can be created. Confidentiality must be guaranteed in two respects: for stored data and for data in transit from one system to another. Confidentiality for stored data is implemented in all common operating systems through filesystem access authorization. Transport Layer Security (TLS) ensures the confidential transmission of messages.

In many cases, assignability is not implemented by default. Classic operating systems store the time a file was last changed, but not the user who made the changes. Although the Windows audit policy can be used to log changes to files, changes to the logged data are not comprehensively traceable. Collaboration tools such as Subversion or Git can help. All changes to a file are traceable there, except for low-level changes to the repository.
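A minimal sketch of versioning combined with checksums, with the acting user recorded per version to cover assignability. This is an added example, not code from the article; the function names, log layout, and sample data are assumptions made for illustration.

```python
import hashlib
import json

def _digest(obj) -> str:
    # Canonical JSON so the same entry always hashes to the same value.
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def record(log: list, content: bytes, user: str) -> dict:
    """Append a version entry: checksum of the content plus who changed it."""
    entry = {
        "version": len(log) + 1,
        "sha256": hashlib.sha256(content).hexdigest(),  # integrity
        "user": user,                                   # assignability
        "prev": log[-1]["entry_hash"] if log else "",   # link to prior version
    }
    entry["entry_hash"] = _digest(entry)
    log.append(entry)
    return entry

def log_is_consistent(log: list) -> bool:
    """Recompute every entry hash and chain link; False if an entry was edited."""
    prev = ""
    for i, entry in enumerate(log, start=1):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        if entry["version"] != i or entry["prev"] != prev or _digest(body) != entry["entry_hash"]:
            return False
        prev = entry["entry_hash"]
    return True

def matches_latest(log: list, content: bytes) -> bool:
    """True only if the content is exactly the last recorded version."""
    return bool(log) and hashlib.sha256(content).hexdigest() == log[-1]["sha256"]

def demo() -> dict:
    log = []
    record(log, b"rate=5\n", "alice")        # constructed sample data
    record(log, b"rate=7\n", "bob")
    results = {
        "recorded_change_ok": matches_latest(log, b"rate=7\n"),
        "silent_edit_noticed": not matches_latest(log, b"rate=9\n"),
        "last_changed_by": log[-1]["user"],
        "log_ok_before": log_is_consistent(log),
    }
    log[0]["user"] = "mallory"               # in-place edit of the history
    results["log_ok_after_tamper"] = log_is_consistent(log)
    return results

if __name__ == "__main__":
    print(demo())
```

The chain only exposes edits to the history as long as the latest `entry_hash` is also kept somewhere the editor cannot rewrite; someone with full write access to the log could otherwise recompute every hash.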

Data security can therefore be understood in the traditional sense. However, this does not include data backups (i.e., the creation of backups to at least restore the availability protection target
