Data Loss Protection: High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

149 pages

English

Découvre YouScribe en t'inscrivant gratuitement

Je m'inscris

Data Loss Protection: High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors , livre ebook

Emereo Publishing - Kevin Roebuck

Découvre YouScribe en t'inscrivant gratuitement

Je m'inscris

Obtenez un accès à la bibliothèque pour le consulter en ligne
En savoir plus

149 pages

English

Obtenez un accès à la bibliothèque pour le consulter en ligne
En savoir plus

A propos
Informations
Extrait

Description

Data Loss Protection (DLP) is a computer security term referring to systems that identify, monitor, and protect data in use (e.g. endpoint actions), data in motion (e.g. network actions), and data at rest (e.g. data storage) through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination and so on) and with a centralized management framework. Systems are designed to detect and prevent unauthorized use and transmission of confidential information Vendors refer to the term as Data Leak Prevention, Information Leak Detection and Prevention (ILDP), Information Leak Prevention (ILP), Content Monitoring and Filtering (CMF), Information Protection and Control (IPC) or Extrusion Prevention System by analogy to Intrusion-prevention system.

This book is your ultimate resource for Data Loss Protection. Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about Data Loss Protection right away, covering: Data loss, Data, Data (computing), Synthetic data, 12-bit, 18-bit, 2009 Sidekick data loss, AS3 (networking), Attribute (computing), Binary code, Bubble Babble, Change data capture, Common Source Data Base, Compressed pattern matching, Computer data processing, Continuous data protection, Data architecture, Data consistency, Data efficiency, Data recovery, List of data recovery software, Data Reference Model, Data retention, Data set, Data source, Data syncretization, DataPortability, Default (computer science), Dynamic data, Electronic Data Interchange, Electronically stored information (Federal Rules of Civil Procedure), Fall back and forward, Fuzzy backup, Garbage (computer science), Header (computing), Hex editor, JBOB, KLV, Leading zero, Lilian date, Line (text file), Log trigger, Machine-generated data, Persistent data, Photo recovery, Precision (computer science), Random access, Recycle bin (computing), Sector slipping, Seed loading, Sensor fusion, Sequential access, Source data, Stream (computing), Termcap, Terminal value (computer science), Text file, Thunk, Trailer (computing), Value (computer science), WinHex, AutoVirt, CopyCatX, Data storage tag, Dd (Unix), DriveSavers, DTI Data, Dvdisaster, File carving, FileSalvage, GetDataBack, Open Computer Forensics Architecture, PhotoRec, Recuva, SalvageData, ShadowProtect, Software architecture recovery, SpinRite, SystemRescueCD, TestDisk, Trinity Rescue Kit, Undeletion

This book explains in-depth the real drivers and workings of Data Loss Protection. It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Data Loss Protection with the objectivity of experienced professionals.

Sujets

Computers

Informatique

General officer

General

Informations

Publié par	Emereo Publishing
Date de parution	24 octobre 2012
Nombre de lectures	0
EAN13	9781743046524
Langue	English
Poids de l'ouvrage	6 Mo

Informations légales : prix de location à la page 0,1598€. Cette information est donnée uniquement à titre indicatif conformément à la législation en vigueur.

Extrait

Topîc relevant selected content rom tHe HîgHest rated entrîes, typeset, prînted and sHîpped.

Combîne tHe advantages o up-to-date and în-deptH knowledge wîtH tHe convenîence o prînted books.

A portîon o tHe proceeds o eacH book wîll be donated to tHe Wîkîmedîa Foundatîon to support tHeîr mîssîon: to empower and engage people around tHe world to collect and de-velop educatîonal content under a ree lîcense or în tHe publîc domaîn, and to dîssemînate ît efectîvely and globally.

he content wîtHîn tHîs book was generated collaboratîvely by volunteers. Please be advîsed tHat notHîng ound Here Has necessarîly been revîewed by people wîtH tHe expertîse requîred to provîde you wîtH complete, accurate or relîable înormatîon. Some înormatîon în tHîs book maybe mîsleadîng or sîmply wrong. he publîsHer does not guarantee tHe valîdîty o tHe înormatîon ound Here. I you need specîic advîce (or example, medîcal, legal, inan-cîal, or rîsk management) please seek a proessîonal wHo îs lîcensed or knowledgeable în tHat area.

Sources, lîcenses and contrîbutors o tHe artîcles and îmages are lîsted în tHe sectîon entî-tled “Reerences”. Parts o tHe books may be lîcensed under tHe GNU Free Documentatîon Lîcense. A copy o tHîs lîcense îs încluded în tHe sectîon entîtled “GNU Free Documentatîon Lîcense”

All used tHîrd-party trademarks belong to tHeîr respectîve owners.

Contents

Articles Data loss Data Data (computing) Synthetic data 12-bit 18-bit 2009 Sidekick data loss AS3 (networking)

Attribute (computing) Binary code Bubble Babble Change data capture Common Source Data Base

Compressed pattern matching Computer data processing Continuous data protection Data architecture Data consistency Data efficiency Data recovery List of data recovery software Data Reference Model Data retention Data set Data source Data syncretization DataPortability Default (computer science)

Dynamic data Electronic Data Interchange Electronically stored information (Federal Rules of Civil Procedure) Fall back and forward Fuzzy backup Garbage (computer science)

1 4 7 8 11 12 13 14 15 16 20 22 25 27 27 29 31 34 37 38 41 42 43 44 45 46 46 49 50 51 57 58 59 59

Header (computing) Hex editor JBOB KLV Leading zero Lilian date Line (text file) Log trigger Machine-generated data Persistent data Photo recovery Precision (computer science) Random access Recycle bin (computing) Sector slipping Seed loading Sensor fusion Sequential access Source data Stream (computing) Termcap Terminal value (computer science) Text file Thunk Trailer (computing) Value (computer science) WinHex AutoVirt CopyCatX Data storage tag dd (Unix) DriveSavers DTI Data dvdisaster File carving FileSalvage GetDataBack Open Computer Forensics Architecture

61 62 63 63 65 66 66 67 74 76 76 81 81 82 84 85 86 88 88 89 90 92 93 95 95 95 97 98 100 102 103 108 109 110 112 114 116 117

PhotoRec Recuva SalvageData ShadowProtect Software architecture recovery SpinRite SystemRescueCD TestDisk Trinity Rescue Kit Undeletion

References Article Sources and Contributors Image Sources, Licenses and Contributors

Article Licenses License

118 121 122 123 124 125 129 131 135 137

140 144

145

Data loss

In the field of information technology,data lossrefers to the unforeseen loss of data or information. An occurrence of data loss can be called aData Loss Eventand there are several possible root causes. Backup and recovery schemes are developed to restore lost data. Data lossmust be distinguished fromdata unavailability, such as may arise from a network outage. Although the two have substantially similar effects,data unavailabilityis temporary whiledata lossis permanent. Data loss is also distinct fromdata spill, although the term "data loss" has been sometimes used in those incidents. Data loss incidents can, however, be also data spill incidents, in case media containing sensitive information is lost and subsequently acquired by another party. However, data spills are possible without the data being lost in the originating side.

Types of data loss events Intentional Action Intentional deletion of a file or program Unintentional Action Accidental deletion of a file or program Misplacement of CDs or Memory sticks Administration errors Inability to read unknown file format Failure Power failure, resulting in data in volatile memory not being saved to permanent memory. Hardware failure, such as a head crash in a hard disk. A software crash or freeze, resulting in data not being saved. Software bugs or poor usability, such as not confirming a file delete command. Business failure (vendor bankruptcy), where data is stored with a software vendor using Software-as-a-service and SaaS data escrow has not been provisioned. Data corruption, such as file system corruption or database corruption. Disaster Natural disaster, earthquake, flood, tornado, etc. Fire Crime Theft, hacking, sabotage, etc. A malicious act, such as a worm, virus, hacker or theft of physical media. Studies have consistently shown hardware failure and human error to be two most common causes of data loss, [1] accounting for roughly three quarters of all incidents. A commonly overlooked cause is a natural disaster. Although the probability is small, the only way to recover from data loss due to a natural disaster is to store backup data in a physically separate location.

Data loss

Data recovery There are commercial services that attempt to recover data from physically damaged media. These services typically vary in price. Expense usually is dependent on type of damage and type of storage drive. Price is also dependent on if it's a secure environment, cleanroom or a data recovery lab. File system corruption can frequently be repaired by the user or the system administrator with the right software tools. A deleted file is rarely overwritten on disk. It is more common for the operating system to simply delete its entry in the file system index. This can be easily reversed.

Cost of data loss The cost of adata loss eventis directly related to the value of the data and the length of time that it is needed, but unavailable. Consider: The cost of continuing without the data The cost of recreating the data The cost of notifying users in the event of a compromise

Organizational responsibility [2] Recent statistics show the number of publicized data loss events involving sensitive data is on the rise, in part due to recent legislation, including the landmark California SB 1386, requiring the notification of data loss. This and other legislation has forced organizations to notify victims that their identity has potentially been compromised.

Preventing data loss There is no guaranteed way to prevent data loss. However, the frequency of data loss events and their impact can be greatly mitigated by taking proper precautions. The different types of data loss events demand different types of precautions. For example, multiple power circuits with battery backup and a generator will only protect against power failures. Similarly, using a journaling file system and RAID storage will only protect against certain types of software and hardware failure. Regular data backups are an important asset to have when trying to recover after a data loss event, but they don't do much to prevent user errors or system failures. A well rounded approach to data protection has the best chance of avoiding data loss events. Such an approach will also include such mundane tasks as maintaining antivirus protection and network firewalls, as well as staying up to date with all published security fixes and system patches. User education is probably the most important, and most difficult, aspect of preventing data loss. Nothing else will prevent users from making mistakes that jeopardize data security. Also see: Data loss prevention

Recovery from data loss Successful recovery from a Data Loss Event generally requires an effective backup strategy. Without a backup strategy, recovery requires reinstallation of programs and regeneration of data. Even with an effective backup strategy, restoring a system to the precise state it was in prior to theData Loss Eventis extremely difficult. Some level of compromise between granularity of recoverability and cost is necessary. Furthermore, aData Loss Event may not be immediately apparent. An effective backup strategy must also consider the cost of maintaining the ability to recover lost data for long periods of time. The most convenient backup system would have duplicate copies of every file and program that were immediately accessible whenever aData Loss Eventwas noticed. However, in most situations, there is an inverse correlation between the value of a unit of data and the length of time it takes to notice the loss of that data. Taking this into

Data loss

consideration, many backup strategies decrease the granularity of restorability as the time increases since the potentialData Loss Event. By this logic, recovery from recentData Loss Eventsis easier and more complete than recovery fromData Loss Eventsthat happened further in the past. Recovery is also related to the type ofData Loss Event.Recovering a single lost file is going to be substantially different than recovering a whole system that was destroyed in a flood. An effective backup regimen will have some proportionality between the magnitude ofData Lossand the magnitude of effort required to recover. For example, it should be far easier to restore the single lost file than to recover the whole system destroyed in a flood.

Steps to be taken after data loss Proper steps must always be taken in case of a data loss incident in order to preserve the recoverability of any lost data. First of all, all type of write operations should be avoided to the drive in question. This also includes starting up the computer. As, many OS including Windows, creates "temporary files" or "files required for booting" - those files may occupy and overwrite the area of the lost data and render it partially or completely unrecoverable. Needless to say, other write operations such as copying, deleting or altering the files should also be avoided. The best and safest course of action would be that right upon realizing data loss, the computer must be safely shut down and the drive in question should be removed from the unit. After that, attach this drive to a secondary computer with a write blocker device and then proceed to perform data recovery either by the user himself or commercial data recovery services.

External links [3] Data Loss Database - Reporting on data leaks, worldwide [4] What To Do Right After A Data Loss Incident | Bitlevel explains things you must know after data loss [5] Data Loss Warning Signs | LC Technology International, Inc. [6] "Data Loss and Hard Drive Failure: Understanding the Causes and Costs" , also includes recovery tips [7] "How To: Recover deleted files (for Mac and Windows)" - Detailed how to articles on recovering documents, data, and files. [8] The sounds of data loss : Failing Hard Drive Sounds [9] Find lost data after emptied the recycle bin

References [1] The cost of lost data (http://gbr.pepperdine.edu/033/dataloss.html) - Graziadio Business Report [2] "Etiolated Statistics" (http://www.etiolated.org/statistics).Etiolated Consumer\Citizen. . Retrieved 2007-06-05. [3] http://datalossdb.org/ [4] http://www.bitleveldata.com/support/ [5] http://www.lc-tech.com/techsupport/warningsigns.html [6] http://www.deepspar.com/wp-data-loss.html [7] http://www.tech-pro.net/how-to-recover-deleted-files.html [8] http://datacent.com/failing_hard_drive_sounds [9] http://www.sondle.com/resource/restore-deleted-files.asp

Data

The termdatarefers to qualitative or quantitative attributes of a variable or set of variables. Data (plural of "datum") are typically the results of measurements and can be the basis of graphs, images, or observations of a set of variables. Data are often viewed as the lowest level of abstraction from which information and then knowledge are derived.Raw data, i.e. unprocessed data, refers to a collection of numbers, characters, images or other outputs from devices that collect information to convert physical quantities into symbols.

Etymology The worddata(pronounced /ˈdeɪtə/day-tə,English pronunciation:a/ˈdbtə/da-tə, orEnglish pronunciation:a/ˈdɑːtə/dah-tə) is the Latin plural ofdatum, neuter past participle ofdare, "to give", hence "something given". In discussions of problems in geometry, mathematics, engineering, and so on, the termsgivensanddataare used interchangeably. Also, data is a representation of a fact, figure, and idea. Such usage is the origin ofdataas a concept in computer science: data are numbers, words, images, etc., accepted as they stand.

Usage in English (weasel fixed) In English, the worddatumis still used in the general sense of "an item given". In cartography, geography, nuclear magnetic resonance and technical drawing it is often used to refer to a single specific reference datum from which [1] distances to all other data are measured. Any measurement or result is adatum, butdata pointis more usual, albeit tautological. Bothdatums(see usage in datum article) and the originally Latin pluraldataare used as the plural of datumin English, butdatais commonly treated as a mass noun and used with a verb in the singular form, especially in day-to-day usage. For example,This is all the data from the experiment. This usage is inconsistent with the rules of Latin grammar and traditional English (These are all the data from the experiment). Even when a very small quantity of data is referenced (One number, for example) the phrasepiece of datais often used, as opposed todatum. The debate over appropriate usage is ongoing. [2] [3] Many style guides and international organizations, such as the IEEE Computer Society, allow usage ofdataas [4] either a mass noun or plural based on author preference . Other professional organizations and style guides require that authors treatdataas a plural noun. For example, the Air Force Flight Test Center specifically states that the [5] worddatais always plural, never singular. [6] [7] Datais accepted as a singular mass noun in everyday educated usage. Some major newspapers such asThe New York Timesuse it either in the singular or plural. In theNew York Timesthe phrases "the survey data are still being analyzed" and "the first year for which data is available" have appeared on the same day. In scientific writingdatais often treated as a plural, as inThese data do not support the conclusions, but it is also used as a singular mass entity [8] likeinformation. British usage now widely accepts treatingdataincludingas singular in standard English, [9] [10] everyday newspaper usage at least in non-scientific use. UK scientific publishing still prefers treating it as a [11] [12] plural. Some UK university style guides recommend usingdataand somefor both singular and plural use [13] recommend treating it only as a singular in connection with computers.

Data

Meaning of data, information and knowledge

The terms information and knowledge are frequently used for overlapping concepts. The main difference is in the level of abstraction being considered. Data is the lowest level of abstraction, information is the next level, and finally, knowledge is the highest level among all three. Data on its own carries no meaning. For data to become information, it must be interpreted and take on a meaning. For example, the height of Mt. Everest is generally considered as "data", a book on Mt. Everest geological characteristics may be considered as "information", and a report containing practical information on the best way to reach Mt. Everest's peak may be considered as "knowledge". Information as a concept bears a diversity of meanings, from everyday usage to technical settings. Generally speaking, the concept of information is closely related to notions of constraint, communication, control, data, form, instruction, knowledge, meaning, mental stimulus, pattern, perception, and representation. Beynon-Davies uses the concept of a sign to distinguish between data and information; data are symbols while [14] [15] information occurs when symbols are used to refer to something. It is people and computers who collect data and impose patterns on it. These patterns are seen as information which can be used to enhance knowledge. These patterns can be interpreted as truth, and are authorized as aesthetic and ethical criteria. Events that leave behind perceivable physical or virtual remains can be traced back through data. [16] Marks are no longer considered data once the link between the mark and observation is broken. Raw datarefers to a collection of numbers, characters, images or other outputs from devices to convert physical quantities into symbols, that are unprocessed. Such data is typically further processed by a human or input into a computer, stored and processed there, or transmitted (output) to another human or computer (possibly through a data cable).Raw datais a relative term; data processing commonly occurs by stages, and the "processed data" from one stage may be considered the "raw data" of the next. Mechanical computing devices are classified according to the means by which they represent data. An analog computer represents a datum as a voltage, distance, position, or other physical quantity. A digital computer represents a datum as a sequence of symbols drawn from a fixed alphabet. The most common digital computers use a binary alphabet, that is, an alphabet of two characters, typically denoted "0" and "1". More familiar representations, such as numbers or letters, are then constructed from the binary alphabet. Some special forms of data are distinguished. A computer program is a collection of data, which can be interpreted as instructions. Most computer languages make a distinction between programs and the other data on which programs operate, but in some languages, notably Lisp and similar languages, programs are essentially indistinguishable from other data. It is also useful to distinguish metadata, that is, a description of other data. A similar yet earlier term for metadata is "ancillary data." The prototypical example of metadata is the library catalog, which is a description of the contents of books. Experimental data refers to data generated within the context of a scientific investigation by observation and recording. Field data refers to raw data collected in an uncontrolled in situ environment.

Data

References This article was originally based on material from the Free On-line Dictionary of Computing, which is licensed under the GFDL.

[1] Matt Dye (2001). "Writing Reports" (http:/ /www.bris.ac.uk/Depts/DeafStudiesTeaching/dissert/Writing Reports.htm). University of Bristol. . [2] UoN Style Book–Singular or plural–Media and Public Relations Office–The University of Nottingham (http://www.nottingham.ac.uk/ public-affairs/uon-style-book/singular-plural.htm) [3] "IEEE Computer Society Style Guide, DEF" (http:/ /www.computer.org/portal/site/ieeecs/menuitem. c5efb9b8ade9096b8a9ca0108bcd45f3/index.jsp?&pName=ieeecs_level1&path=ieeecs/publications/author/style&file=def.xml& xsl=generic.xsl&). IEEE Computer Society. . [4] "WHO Style Guide" (http://whqlibdoc.who.int/hq/2004/WHO_IMD_PUB_04.1.pdf). Geneva: World Health Organization. 2004. p. 43. . [5]The Author's Guide to Writing Air Force Flight Test Center Technical Reports. Air Force Flight Center. [6] New Oxford Dictionary of English, 1999 [7] "...in educated everyday usage as represented by the Guardian newspaper, it is nowadays most often used as a singular." http:/ /www.eisu2. bham.ac.uk/johnstf/revis006.htm [8]New Oxford Dictionary of English. 1999. [9] Tim Johns (1997). "Data: singular or plural?" (http:/ /www.eisu2.bham.ac.uk/johnstf/revis006.htm). . "...in educated everyday usage as represented by The Guardian newspaper, it is nowadays most often used as a singular." [10] "Data" (http://www.askoxford.com/concise_oed/data?view=uk).Compact Oxford Dictionnary. . [11] "Data: singular or plural?" (http:/ /www.eisu2.bham.ac.uk/johnstf/revis006.htm). Blair Wisconsin International University. . [12] "Singular or plural" (http://www.nottingham.ac.uk/public-affairs/uon-style-book/singular-plural.htm).University of Nottingham Style Book. University of Nottingham. . [13] "Computers and computer systems" (http:/ /openlearn.open.ac.uk/mod/resource/view.php?id=182902).OpenLearn. . [14] P. Beynon-Davies (2002).Information Systems: An introduction to informatics in organisations. Basingstoke, UK: Palgrave Macmillan. ISBNa0-333-96390-3. [15] P. Beynon-Davies (2009).Business information systemsave.ISBNa978-0-32-00263-8.6Ba.ngsikotsU,eP:Krgla [16] Sharon Daniel.The Database: An Aesthetics of Dignity.

External links data is a singular noun (http://purl.org/nxg/note/singular-data) (a detailed assessment)