Safety-Critical Data Management

---

Data security refers to the process of protecting data from unauthorized access and data corruption throughout its lifecycle. Data security includes data encryption, hashing, tokenization, and key management practices that protect data across all applications and platforms.

Data security is the practice of protecting digital information from unauthorized access, corruption, or theft throughout its entire lifecycle. It’s a concept that encompasses every aspect of information security from the physical security of hardware and storage devices to administrative and access controls, as well as the logical security of software applications. It also includes organizational policies and procedures.

Data integrity is the overall accuracy, completeness, and consistency of data. Data integrity also refers to the safety of data in regard to regulatory compliance — such as GDPR compliance — and security. It is maintained by a collection of processes, rules, and standards implemented during the design phase. When the integrity of data is secure, the information stored in a database will remain complete, accurate, and reliable no matter how long it’s stored or how often it’s accessed.

Data availability is the process of ensuring that data is available to end-users and applications, when and where they need it. Availability has to do with the accessibility and continuity of information, thus accessibility is a key component. It defines the degree or extent to which data is readily usable along with the necessary IT and management procedures, tools, and technologies required to enable, manage and continue to make data available.

Data privacy is a guideline for how data should be collected or handled, based on its sensitivity and importance. Data privacy is typically applied to personal health information (PHI) and personally identifiable information (PII). This includes financial information, medical records, social security or ID numbers, names, birthdates, and contact information.

Five types of cybersecurity techniques, which will help in reducing the cyber attack amongst enterprises and organizations.

• Critical Infrastructure Cybersecurity. ...
• Network Security. ...
• Cloud Security. ...
• Internet of Things Security. ...
• Application Security.

In light of the recent rise in ransomware attacks, The National Institute of Standards and Technology (NIST) has developed new, preliminary draft guidelines for organizations regarding ransomware attacks.

These guidelines, titled “The Cybersecurity Framework Profile for Ransomware Risk Management,” 

http://blog.dminc.com/blog/nist-cybersecurity-guidelines

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge.

Data encryption is a process of converting data into encoded information, called ciphertext. The encoded information can only be decoded with a unique decryption key. You can generate the key either at the time of encryption or beforehand.

Encryption ensures the integrity of data by protecting it from unauthorized modification. Encryption reduces the risk of accessing data from untrustworthy sources by verifying data’s source.

Continuous Data Protection is a method for backing up data every time a change is made. A  continuous data protection system maintains a record of all data changes and enables you to restore a system to any previous point in time.

This type of backup solves the problem of losing data created between two scheduled backups. It also provides protection against attacks like ransomware or malware, as well as accidental deletion of data.

Read more: Continuous Data Protection

RAID; "Redundant Array of Inexpensive Disks" or "Redundant Array of Independent Disks") is a data storage virtualization technology that combines multiple physical disk drive components into one or more logical units for the purposes of data redundancy, performance improvement, or both. This was in contrast to the previous concept of highly reliable mainframe disk drives referred to as "single large expensive disk" (SLED).

Data is distributed across the drives in one of severa

Data is distributed across the drives in one of several ways, referred to as RAID levels, depending on the required level of redundancy and performance. The different schemes, or data distribution layouts, are named by the word "RAID" followed by a number, for example RAID 0 or RAID 1. Each scheme, or RAID level, provides a different balance among the key goals: reliability, availability, performance, and capacity. RAID levels greater than RAID 0 provide protection against unrecoverable failures

Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them

A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. 

The benefits of a VPN include increases in functionality, security, and management of the private network. It provides access to resources inaccessible on the public network and is typically used for telecommuting workers. 

Multiple modular redundancy,  is a fault-tolerant form of hardware redundancy, in which multiple systems perform a process and that result is processed by a majority-voting system to produce a single output. If any one of the multiple systems fails, the other systems can correct and mask the fault.

The concept can be applied to many forms of redundancy, such as software redundancy in the form of Safety-Critical computer systems