Data are ubiquitous and necessary for every company to be successful. In 2020 there will be more than 40 zettabytes, that is 40 trillion gigabytes (4021) or 40.000.000.000.000.000.000.000 bytes of data worldwide. Ten years before this number was only at 1,2 zettabytes; the amount of data has nearly increased forty-fold in only 10 years. Collecting data is quite easy for companies these days. More and more data are produced, and the infrastructure allows us to easily save, process and use these data. Data are invaluable; that is why they are often subject to attacks and if compromised in any way are of low or no value anymore for a company. Every data loss, especially of sensitive data, poses a significant threat for a company and its stakeholders.
We at Anexia have set ourselves to provide solutions for data integrity, not only for ourselves but also for all our customers. Due to the constantly rising significance of data integrity, we explain within this blog, what data integrity means, which risk are associated to it and how integrity within an IT system and network can be ensured.
Data integrity refers to the accuracy, completeness, and consistency of data over its full lifecycle. Meaning that data should not be changed anonymously and focus on the traceability of data changes. Strong integrity describes a state, when data cannot be changed unrecognized. Furthermore, data integrity is about securing regulatory compliance, e.g. GDPR, and data security. Data integrity refers to a state, but also to a process. As a state it describes the validity and accurateness of a data set. On the other hand, as a process it describes all measures that are necessary to ensure the validity and accurateness of all data in a database.
Risks associated with the lack of data integrity are more and more in the awareness of the public. In the past only risks concerning attacks (e.g. non-availability due to DDoS attacks) or theft have been considered, and the issue of data integrity has been of minor relevance. But criminals can and have already changed their modus operandi, and increasingly manipulate data, which poses an attack on data integrity. The aim of such an attack is to gain unauthorized access and change or damage data. Especially when choosing a new IT system or service, these possible risks should be considered:
Despite all mentioned possible threats there are several measures you can take to minimize or even eliminate them. Integrity can be achieved by using appropriate processes, rules and standards. We will describe them shortly.
Data validation encompasses different stages from the input to the maintenance of data.
A well-performing and highly secured data back-up is one of the major security aspects for successful data integrity. Strict compliance to a back-up and recovery strategy not only secures data but also prevent data loss. Back-ups can vary in their configuration:
We at Anexia offer you the most appropriate back-up solution adapted to your requirements. Either with a Hosted Backup Solution or a Cloud-Backup-Solution. In case of data loss or a damage to your data, the back-up helps to reconstruct it, both in the recovery of media data and the physical and logical recovery.
By limited access and the definition of permissions for changes on information, unauthorized changes on data can be prevented. With this measure you can also avoid human errors, both deliberate and unintentional. Even if individuals do not change or delete data deliberately, those errors can harm data integrity a lot. Next to employees, external individuals may manipulate data deliberately. A possible solution for defining access restrictions can be the principal of minimal rights. Only those users, that really need access to a specific data set gain access to them. Do not forget to implement physical access restrictions for server locations.
Avoid, if possible, shared user accounts. Often there is only a limited amount of licenses available for an application and several users share the same account. In that case data integrity is no longer existent, as it is not possible to track who actually changed the data. If it is not possible to avoid shared user accounts, you can implement documentation rules for data changes. With these rules you can reconstruct which employee changed something and what he changed.
Access restrictions can furthermore minimize the risk of social hacking. With social hacking criminals try to gain access to sensitive and secret data. First, they conduct an extensive analysis of possible weaknesses of e.g. employees, to decoy them into passing on their login data for a specific application or system of a company.
A well-working log management can help to always keep track of your data. As soon as data are added, changed or deleted, it will be noted automatically. Therefore, users should not be able to access these logs or manipulate them. Every change of data can be attributed exactly to the specific user enhanced by the exact timestamp. Anexia offers with its log management tool CloudLog the perfect solution. This tool allows an easy management of big data and the alert feature immediately informs you, if irregularities occur.
Data are constantly transferred from one place or one device to another. While transferring data via the internet you should always adopt suitable security measures, to guarantee the complete transfer. For protecting your data, hash values can be generated and attached to your data. The receiver can then check, if the data is complete. During the transfer data or the hash can be manipulated. For additional security you can use a Message-Authentication-Code for better recognize any unwanted changes.
At best a data transfer is done redundantly. Even if one connection fails or is compromised, the other connection can send the data safely to the defined destination and data loss is prevented. With a completely redundant network, Anexia offers double security for your business.
A well-performing data integrity system helps monitoring every bit of data in real time and allows an independent verification of all events within a network. In case of an incident or irregularity you can act instantly and misconfiguration within a network can be recognized promptly.
Traceability and transparency are the main aspects of integrity, if implemented correctly. If all measures are implemented for your network, IT system and your infrastructure, you are well prepared against many threats from the internet. With Anexia and our solutions we help you take a further step towards data integrity.
Are you looking for a reliable partner for the protection and integrity of your data? Contact us today and get more information about our solutions.