Type of paper:Â | Essay |
Categories:Â | Computer science Cyber security Information systems |
Pages: | 5 |
Wordcount: | 1354 words |
Introduction
Breaches of personal information are associated with a trail of consequences. Many organizations have a large number of employees who are required to provide their detailed background information. In most cases, the information obtained by employers cut across the entire life of the employees. In the digital world, most information is kept in computers encrypted-hard drives. Information stored in these computers can be stolen or accidentally leaked if the encryption is not strong. The outcome of a personal data breach is so significant that it cannot be assumed; for instance, if personal information such as password lands in criminal hands can wreak havoc by allowing them to spend cash that they did not own through applying for new cards (Catericchia, 2005). Besides, exposure to family information to criminals may compromise with their safety as they can be accessed whenever they reside. According to Halvorson (2010), military information is much more sensitive as it can compromise with the security of the whole nation. Therefore, information stored in their database must be properly encrypted to prevent any breach. Despite the various encryption algorithms available for securing information, only a few can be adopted for military purposes. As a member of the PII system developer in a security firm, I would recommend the use of the RSA algorithm. The RSA encryption is a standard coding that allows every user to encrypt their data by placing a password that can be changed. In such, hacker finds it quite hard to decrypt and to access information.
Symmetric and Asymmetric Key Encryption
In the system, I would employ the use of asymmetric key encryption rather than using symmetric key encryption. By using the asymmetric key, I would be able to offer maximum security because it is complex in the form in which it interchanges the encrypting codes over several users. The symmetric is simple and allows all users to know the secret code in accessing hence prone to attack once a code is learned. The dual end encryption in asymmetric encryption prevents any malicious activity from prevailing (Sasi et al., 2014).
Critical Length and Key Security
Since I recommend the use of asymmetric encryption, specifically the RSA, the maximum length of the key will be required for tighter security. In this instance, I would recommend the use of 4,096 bits. Additionally, since the security of the key is the priority, a keyed-hash code of authentication will be incorporated. Besides, key algorithm support such as AES-GCM may be added to reinforce key security features (Stubbs, 2018).
Securing Key-Encrypting-Keys
Surveillance Self Defense (2018) suggested that since the information is transferable between intended parties may be subject to attack, securing the key would be the most effective way of preventing it. I would use fingerprint verification, which checks values against the intended recipient. Besides, encoding the keys' end-to-end encryption would prevent an attack.
Mechanisms for Restricting Key Access
Once the keys have been loaded with information, they need to secure in such a way that their accessibility should be restricted. In this program, I would recommend restriction to avoid falling into unintended hands. First, I would ensure that all the computers keeping the information are physically secured, probably by locking them in a secure room. Besides, all keys should be kept far from what they decrypt. Additionally, frequently upgrading the system to unfold unanimous activities help to tighten key accessibility (Nakashima, 2015).
Access Restriction and Storage of Keys
For this program, I propose to the key escrow technology to keep my important data. In such, the key will be linked to the system where encryption will be available. Information placed on these keys will only be accessible once verification of inputs is done. To limit their accessibility, they would be stored in the cloud directory, which only allows the admin to identify all users and grant them accessibility (DeMeyer, 2019).
Other Mechanisms of Securing Encryption Keys on Inside Threat
Once the security key has been compromised, the information is readily available to attackers. However, there is only one way in which the keys content can be recovered – only by engaging an electronic management system. In such a scenario, the system must be obtained from a reputable provider and later link it with the keys hardware security modules which protect the key by generating new ones (Stubbs, 2018). Despite keeping various keys secured, I would prioritize keeping sensitive ones in a safe place; first, these include the Hash, Private, and Symmetric keys. Accordingly, having a tamper-resistant HSM on every key will prevent intrusion.
Access Compromised Key – Rouge
There is various malware that risks the intrusion of data on the key. Individuals using the system can be the greatest threat to breaching information; therefore, in crafting the system, I propose incorporating an anti-spyware in the data. As the name of the framework suggests, it unfolds all malicious activities by reporting back to the administrator, allowing necessary actions to be done before an information data breach occurs. Accordingly, since information may be manipulated before action is taken, backing up the key in the cloud would enhance incomplete recovery damage.
How Design Prevents Compromise of the Sensitive Data
In the proposed security system, a series of measures have been taken to counter inside threat might occur. For instance, the use of long length encryption key generates an ideal RNG such that vulnerability is minimized. The electronic key management readily provides a solution once such a scenario transpires. Once the key is transferred to an unknown user, the system automatically rotates the keys, secures its distribution automatically, and finally destroy the cycle preventing a breach.
Internet Data Transfer and Encryption
Since the conveyance of information majorly is through the Internet, securing this data is a significant thing in preventing breaches. In an instance where classified information has to be transferred by the Internet, a virtual private network (VPN) provides the best encryption. The VPN has a series of encryption layered from the sender to the recipient. This encryption allows only the target audience while excluding intruders. The VPN system has features such as network security, which allows keeps data monitored. Besides relying on the VPN, sending the data through recognized websites possible to the HTTPS encrypted ones provide adequate security.
Policy Framework of the Security System
The policy stipulates to provide encryption to the military personal information system, which has been categorized as classified data under the United States security act. This policy is related to others in such a way that it forms a section of the Information Security Management Framework. The military will deploy necessary cryptographic measures to prevent the risk of tamper or disclosure of confidential data; this will be done in association with linked encryption keys. Information that is classified within the military base shall be kept and managed by the base security system; however, in case of transfer, the data will be encrypted. Personal devices are not allowed to carry information whatsoever. All devices belonging to the security base shall be encrypted at full length at all times of transit.
References
Catericchia, D. (2005). Safeguarding HR information. Shrm Magazine. https://www.shrm.org/hr-today/news/hr-magazine/pages/1105caterinicchia.aspx
Demeyer, Z. (2019, April 2). What is a Key Escrow? – Store Cryptographic Keys. JumpCloud. https://jumpcloud.com/blog/key-escrow
Halvorson, A. (2010). Understanding the military: The institution, the culture, and the people. Substance Abuse and Mental Health Services Administration Center for Substance Abuse Treatment Partners for Recovery Initiative. SAMHSA. https://www.samhsa.gov/sites/default/files/military_white_paper_final.pdf
Nakashima, E. (2015, July 10). Hacks of OPM databases compromised 22.1 million people, federal authorities say. The Washington Post. https://www.washingtonpost.com/news/federal-eye/wp/2015/07/09/hack-of-security-clearance-system-affected-21-5-million-people-federal-authorities-say/
Sasi, S. B., Dixon, D., Wilson, J., & No, P. (2014). A general comparison of symmetric and asymmetric cryptosystems for WSNs and an overview of location-based encryption technique for improving security. (IOSR Journal of Engineering, 4(3). http://iosrjen.org/Papers/vol4_issue3%20(part-3)/A04330104.pdf
Stubbs, R. (2018, February 19). Classification of cryptographic keys. Key management. https://www.cryptomathic.com/news-events/blog/classification-of-cryptographic-keys-functions-and-properties.
Surveillance Self Defense [SSD]. (2018). A deep dive into the End-to-end encryption: How do public-key encryption systems work? Ssd.Eff.Org. https://ssd.eff.org/en/module/deep-dive-end-end-encryption-how-do-public-key-encryption-systems-work
Cite this page
Essay Sample on Securing Sensitive Data: Strategies to Prevent Data Breaches. (2023, Oct 16). Retrieved from https://speedypaper.com/essays/essay-sample-on-securing-sensitive-data-strategies-to-prevent-data-breaches
Request Removal
If you are the original author of this essay and no longer wish to have it published on the SpeedyPaper website, please click below to request its removal:
- Free Essay Sample: Industrial Internet of Things
- Information System Concept
- Free Essay Sample on Accounting and Technology
- Free Essay Sample: Optimization of Satellite Communication
- Essay Sample Dedicated to Nuclear Weapons Possession Rights
- Power of eHealth Solutions for a Sustainable Ecosystem - Paper Sample
- Paper Example. Android Versus iPhone
Popular categories