Data Security




Data security is amechanism that protects data. Notably, such crucial data is databasethat should be compulsively protected from destructive sources orentry by unauthorized sources. Data security is very essential to acompany’s mission statement and overall success. Almost allcompanies need to secure their data and maintain confidentiality ofthe highest level. Data privacy ensures that companies remain uniqueand less susceptible to external attacks, or even “internalthreats.” Data security is virtually important in all areas such asmilitary, business and intelligence sectors. So, one of the primeobjectives of companies is to safeguard the personal data of theclients and employees, in files or in a network based arrangement. Anefficient security plan of a company should meet specific standardssuch as collecting and keeping relevant data keeping it safe andperhaps disposing it off securely. This will be in line with thelegal obligations of protecting sensitive or very sensitive data(FEDERAL TRADE COMMISSION). With the current progress in ITadvancements, data is essentially stored digitally. The era of “shelfware” is almost over now.

Unfortunately,from governmental to non-governmental organizations and even personalspace, the chances of data falling into unauthorized access ispossible, and therefore a threat to information exclusivity.

  • BRI does not use any type of data encryption for data-at-rest but protects data-in-transit using VPN.

In the recentworld, data encryption is one of the most operative datacontrols that many institutions can manage to implement. Theencryption privacy and affectivity is widely dependent on themechanisms regulating the cryptographic security protocols. In thatregard, we are able to see that encryption of data is a protectiontechnique. So, for encryption to be successfully resourceful, allkeys should be sufficiently managed, and protected. Maintenance ofthe keys is also a crucial strategy of ensuring that encryption isupdated and at per with incoming threats. Data at Rest, Datain Transit and Data in Use are the relevant technicalterms that are used to describe the storage, movementand processing of digital data. Consequently, theaccomplishment of data encryption techniques considers all the threestates. Additionally, the cryptographic technique protects data andthus the risk is equally transferred from the data to the encryptedkeys (CLOUD SECURITY ALLIANCE, Sept 2012).

With the advent ofcomputers, almost every data stays or spends most of its life “atrest” whether stored in hard drives or cloud (cloud computing). Itis data that is not acted upon at a given time. Moreover, dataencryption is mainly used for storing data in transit (data inmovement) so that it could be protected from any potential threatsduring the motion stage. So, as we have seen, data at rest stays fora longer time and thus there should be a mechanism to store itpermanently (GRT: FROM INFORMATION TO INTELLIGENCE, 2015). Thus,encryption of data at rest is a key strategy in storing andmaintaining this data. However, a risk is involved, in that theinsiders that store the encryption key have access to the data. Thisis a case scenario of BRI, where administrators were able to accesscertain data out of their jurisdictions. To ensure this is regulated,Data Masking is an effective method of storing data at rest(CLOUD SECURITY ALLIANCE, Sept 2012).

Transferring datain VPN is a common way and it contains various mechanisms such asdata encryption, data encapsulation and tunneling protocols that allguarantee that data in motion is safe (Hotspot Shield, 2015).

  • A division data manager can independently control all key aspects of the processing of confidential data collected through intelligence activities.

When anorganization has different division and branches, key measures shouldbe put into place and this calls for the appointment of datamanagers who are designated with specific tasks that keep theminvolved in their assigned units. All intelligence data collectedfrom field is given to the division data manager, who eventuallyensures that the confidential data at hand is successfully stored,maintained, transmitted and used effectively without breaching anyprotocols. However, the manager should not use this confidential datato his personal benefits because this will put the data into greaterrisk by intrusion from other parties. This was the case of BRIagency, where the chief of the bureau used his personal e-mail systemfor both official business purposes and for his own individual use,and hence exposing the agency’s data to external intrusion (ITAssessment Report-BRI Works).

  • One employee was able to derive classified information by “aggregating” unclassified databases.

It is very crucialto collect all individual data sets, and aggregate them together sothat they can be magnificently stored. Scattered or individual datais highly prone to security threats and this is why it is calledunclassified data. Unclassified data cannot claim ownership ofitself, and this means that anyone can tamper with it and make ameaningful solution out of the scattered puzzles. We can see this bythe fact that an employee of the company had access to unclassifieddata and went forth in aggregating it and thus derived classified(meaningful) and processed data form it. So, it should be a keyconcern that no data is left unattended to, because all or any datamay be useful at future stages (IT Assessment Report-BRI Works).

Unclassified datacreates loopholes in an agency’s or company’s data privacypolicy.


CLOUD SECURITY ALLIANCE (Sept 2012). SecaaS ImplementationGuidance, Category 8: Encryption Retrieved 23rd Nov,2015 from

FEDERAL TRADE COMMISSION Privacy&amp Security&nbsp.

Retrieved 23rd Nov, 2015 from

GRT: FROM INFORMATION TO INTELLIGENCE (2015). Retrieved 23rdNov, 2015 from–-encryption-not-enough

Hotspot Shield (2015). Retrieved 23rd Nov, 2015 from

ITAssessment Report – BRI Works

Retrieved 23rd Nov, 2015 from