Please see the attached document.
Discussion 1:
Data security can be ensured by following security controls such as the application access layer, infrastructure access layer, physical access layer and data motion layer. The application access layer and infrastructure access layer aim to achieve confidentiality by creating access constraints on the end user applications, and access must be given only as per the business requirement. The infrastructure access layer also works similarly by restricting access to infrastructure, according to the needs of the business (Cartland, 2015).
Physical access to the files, systems, servers, and data storage devices with sensitive information is provided only when required, and the company must be aware of all the people who are granted access. The data motion layer ensures the security of data in motion, that is, when it is transmitted from one place to another. The CIA triad represents the important objectives for obtaining security and protecting data. All the security measures must be able to achieve confidentiality, integrity and availability of data.
Data security can be attained by using five layers, and they can be considered as precautions to be taken for avoiding data breaches and attacks by hackers (von Solms & von Solms, 2017).
Software-based or hardware-based firewalls will help in avoiding unwanted traffic entering the system by acting as a filter between the system and the internet.
Proxy servers provide security through a smoke screen in the network. It appears as a real network and presents minimum internet connection. The way the network is seen by others is regulated by these servers. Routers will work similarly to a firewall and will give access to the network only to the users with the authentication, and routing of IP packets is also carried out by them.
Network control measures include login IDs and passwords, which are used for providing authentication. Only users with the authentication can enter the network.
Software control measures include the measures that can stop the malicious software present in the systems from infecting the system. Firewalls cannot prevent the damage from the malware which is already present in the system.
Cryptography is about the use of encryption for sensitive data. Encryption process will ensure that unintended persons get the access to the sensitive data. Use of two-factor authentication, using encryption for the important messages where recipients will have the relevant key to access the information, protecting the keys.
References
Cartland, A. (2015). Data protection-data security-privacy. Computers & Security, 3(1), 57-58.
von Solms, R., & von Solms, S. (2017). Information security governance: Due care. Computers & Security, 25(7), 494-497.
Discussion 2:
In this era of digital information, it’s nearly impossible not to share data. Sharing of data is like sharing information, which is essential for growth and opening a wide range of opportunities. The sharing of data happens between individuals, teams, organizations, and national and international governments. The tricky questions are how to share data, who should share data, and what sorts of security measures need to be taken before transferring data. The CIA Triad answers all these questions (Mike et al., 2018).
CIA Triad stands for Confidentiality, Integrity, and Availability. Each of these explains how we can safely transfer data or information. Firstly, confidentiality is a way to protect data security. Confidentiality mainly works on preventing unauthorized users from accessing information or data (Mir & Quadri, 2016). It creates specific security precautions and processes to be taken to ensure data is safe while sharing. Some organizations use encryption while transferring or transmitting data to ensure no unauthorized user can access it or to prevent data theft while moving. The second one, integrity, deals with the accuracy of data and the process of making sure data is not corrupted while transferring information or data. To make changes in data or alter information, the user needs to be authorized. An unauthorized user will not be allowed, and alerts will be sent to the organization’s security team. Some unauthorized activities include downloading and running jar files, sending emails to out-of-domain addresses, massive file transfers, and password sharing. The third one is availability, which provides timely, authorized access to data. When sharing data or information, it’s essential to make sure data is delivered as expected without any delay (Mir & Quadri, 2016). This timely data transfer is managed in a secured format by availability. Availability also includes efficient and confirmed data transfer. We need to clearly understand one thing in the CIA Triad: even though Confidentiality, Integrity, and Availability are different principles in the CIA Triad, all these principles are interlinked. The CIA Triad is the best suitable method for secured data sharing (Mike et al., 2018).
References
Mike, C., James, M. S., & Darril, G. (2018). (ISC)2 CISSP Certified information systems security professional official study guide. John Wiley & Sons. ISBN: 9781119475958
Mir, S., & Quadri, S. (2016). Information availability: An insight into the most important attribute of information security. Journal of Information Security, 07, 185-194. 10.4236/jis.2016.73014