Data and Storage
Authentication Process Plan
Considered Authentication plans
The report is being generated for the town council. The council has its main center and even operates sub smaller five neighborhood centers in various parts of town. The council solely relies on its network and data storage systems to interact with staff members and offices so that real time based data can be accessed regarding cases, clients etc. The data send over the network are very sensitive and vital for legal proceedings. Therefore the present system in the council needs to be enhanced. Different ways to implement security levels are to be discussed to implement or suggest the council the appropriate method. Task 1
Essential researches have been done about how to secure file storage and transfer considering the requirements. Further more details will be provided in Task 3.1. Task 2
Different authentication methods and data security methods and on-going network monitoring plans have been analyzed which will be further discussed in Task 3.2. Task 3
Data and Storage
A. Data Protection Issues
As the town council deals with the legal services, the data transition should be secured very strongly. As the database of the council is larger and contains very vital information with it, different data protection issues are to be discussed.
* The data stored in the hard drive may get corrupted leading to a huge data loss. * The database server may get crashed or get hacked.
* As the data is being transferred to different many locations across the country, there is a high chance of eavesdropping. * Data sent through the network may get loss in the transition by an unauthorized access. * The data can be unwantedly modified while on the process of transmission from the source to the destination network by hackers and eavesdropper. * The data can be infected on the process causing the destination network a massive loss by virus infection over the network.
B. Data Protection Plans For Storage and Transmission
For securing the data during the transmission several protection plans should be taken into considerations and should be followed through it. Following protection plans follows the DATA PROTECTION ACT 1998.
* Personal data should be managed legitimately and properly. * Personal data should only be accessible for one person for more specified and lawful purposes. * Data should be adequate and relevant and should not excess the relation to the purpose they were created. * Data should be accurate and updated.
* Data warehousing should be done for the additional security in the database. * Certain level of accessibility should be provided to the employees. * Firewalls policy should be implemented in order to ban social networking sites or any other sites that are not in the company policy. * Password authentication should be applied in order to provide the proper level of authentication to the employees. * Antivirus should be installed to prevent any kind of malicious program attack. * The transmitted data should be protected by different encryption method. Ciphering the data would help in the data. * Disaster plan should be made. Therefore, the backup of the whole data should be done in another safe location and should be updated with each operation concurrently. * VPNs should be created for securing the data in the public network. * Data logs should be created for the event that is taking place over the network and it should be monitored by the administrator frequently to keep track of the situation.
Data Protection Plans (Shredders)
C. Alternative shielding approach
For more feasible and effective way to protect the data, the organization can use different alternative methods.
I. Data Masking...
Please join StudyMode to read the full document