Logo

Navigation
  • Home
  • Services
    • ERP Solutions
    • Implementation Solutions
    • Support and Maintenance Solutions
    • Custom Solutions
    • Upgrade Solutions
    • Training and Mentoring
    • Web Solutions
    • Production Support
    • Architecture Designing
    • Independent Validation and Testing Services
    • Infrastructure Management
  • Expertise
    • Microsoft Development Expertise
    • Mobile Development
    • SQL Server Database and BI
    • SAP BI, SAP Hana, SAP BO
    • Oracle and BI
    • Oracle RAC
  • Technical Training
    • Learn Data Management
      • Business Intelligence
      • Data Mining
      • Data Modeling
      • Data Warehousing
      • Disaster Recovery
    • Learn Concepts
      • Application Development
      • Client Server
      • Cloud Computing Tutorials
      • Cluster Computing
      • CRM Tutorial
      • EDI Tutorials
      • ERP Tutorials
      • NLP
      • OOPS
      • Concepts
      • SOA Tutorial
      • Supply Chain
      • Technology Trends
      • UML
      • Virtualization
      • Web 2.0
    • Learn Java
      • JavaScript Tutorial
      • JSP Tutorials
      • J2EE
    • Learn Microsoft
      • MSAS
      • ASP.NET
      • ASP.NET 2.0
      • C Sharp
      • MS Project Training
      • Silverlight
      • SQL Server 2005
      • VB.NET 2005
    • Learn Networking
      • Networking
      • Wireless
    • Learn Oracle
      • Oracle 10g
      • PL/SQL
      • Oracle 11g Tutorials
      • Oracle 9i
      • Oracle Apps
    • Learn Programming
      • Ajax Tutorial
      • C Language
      • C++ Tutorials
      • CSS Tutorial
      • CSS3 Tutorial
      • JavaScript Tutorial
      • jQuery Tutorial
      • MainFrame
      • PHP Tutorial
      • VBScript Tutorial
      • XML Tutorial
    • Learn Software Testing
      • Software Testing Types
      • SQA
      • Testing
  • Career Training
    • Career Improvement
      • Career Articles
      • Certification Articles
      • Conflict Management
      • Core Skills
      • Decision Making
      • Entrepreneurship
      • Goal Setting
      • Life Skills
      • Performance Development
      • Personal Excellence
      • Personality Development
      • Problem Solving
      • Relationship Management
      • Self Confidence
      • Self Supervision
      • Social Networking
      • Strategic Planning
      • Time Management
    • Education Help
      • Career Tracks
      • Essay Writing
      • Internship Tips
      • Online Education
      • Scholarships
      • Student Loans
    • Managerial Skills
      • Business Communication
      • Business Networking
      • Facilitator Skills
      • Managing Change
      • Marketing Management
      • Meeting Management
      • Process Management
      • Project Management
      • Project Management Life Cycle
      • Project Management Process
      • Project Risk Management
      • Relationship Management
      • Task Management
      • Team Building
      • Virtual Team Management
    • Essential Life Skills
      • Anger Management
      • Anxiety Management
      • Attitude Development
      • Coaching and Mentoring
      • Emotional Intelligence
      • Stress Management
      • Positive Thinking
    • Communication Skills
      • Conversation Skills
      • Cross Culture Competence
      • English Vocabulary
      • Listening Skills
      • Public Speaking Skills
      • Questioning Skills
    • Soft Skills
      • Assertive Skills
      • Influence Skills
      • Leadership Skills
      • Memory Skills
      • People Skills
      • Presentation Skills
    • Finding a Job
      • Etiquette Tips
      • Group Discussions
      • HR Interviews
      • Interview Notes
      • Job Search Tips
      • Resume Tips
      • Sample Resumes
 

Data Protection Protocols

By Chandra Vennapoosa | on November 30, 2011 |
Networking

Data protection is an integral part of any network system. Care should be taken to ensure that system data remains protected during all the times under all the circumstances.  In this article you will learn about data protection in two scenarios. The first one is protecting your data on internet using Internet Security Protocol such as IPsec. Secondly, you will learn how to protect your data during transit. 

Topics

  • Using IPsec to Protect Your Data
  • IPsec Network Layer Security
  • IP Transaction Header Extensions Modes
  • How to Protect Data When Its in Transit
  • Storing Personal Data on Portable Devices
  • Installing Anti Virus and Fire Wall Program

Using IPsec to Protect Your Data

IPsec, also known as the Internet Security Protocol, is a collection of protocols that can be used to offer secure communications via the Internet on the network layer. Some of the services which IPsec can offer include the authentication of data sources, data integrity, shielding against replay attacks, and confidentiality.

There are a number of components which make up IPsec as well. To undersand the importance of IPsec, it is first important to understand Network security. First off, the security of communications via networks, both public and private, has been an issue of concern for quite some time.

As e-commerce continues to play a larger role in the world economy, a high demand has grown when it comes to the outsourcing of specific services, and this includes web hosting. In addition to this, the increased adoption of Application Service Providers has also increased for high levels of security which are ubiquitous.

Much of the network traffic that flows through the Internet and Intranet today are dependent on TCP/IP. At the same time, the standard Internet Protocol has not successfully established security structures, so the implementations for application layers, like SSL or S-HTTP for instance, have been utilized to offer data security.

SSL will generate the secure connection among the server and the client, and through this connection, a large amount of encrypted data can be transferred. The Web pages that need the SSL connection will begin their URLs with the https designation, rather than the standard http that is used for most sites. At the same time, these implementations will need the sending and the receiving stations to process the necessary application software, as well as the Web browser, and only the data that is transferred back and forth to the web server will be secure.

IPsec Network Layer Security

Unlike S-HTTP or SSL, IPsec is one of the Internet Engineering Task Force standards. It can actually give you security at the network layer. This can also give more flexibility during its implementation. IPsec will allow both secure and private communication to be made over the Internet, and it does not matter what higher level protocols are used. Some of the other characteristics which are connected to IPsec include its ability to authenticate the receivers and transmitters of information, and it can conceal the data that is sent via encryption.

Because the data can be encrypted, this means that data integrity is maintained. This also means that it can work well with any application that is IP based. Some of the data which Ipsec can protect includes human resources information, medical data, payroll data, and any information which is deemed as being sensitive.

IPsec can conceal this information whether it is sent via the Internet or a corporate Intranet. It can ensure that the information which is transferred is only seen by those who are authorized to see it. At the same time, IPsec will not provide security for certain applications which are currently being used.

Examples of this include applications that utilize SSL, PGP, or the Secure Electronics Transactions, which will typically be used when handling credit card information. There are a number of things that can be done to define the components which make up IPsec.

IPsec has a suite which makes use of cryptography, and this includes ESP, or the Encapsulating Security Payload, and the AH, or Authentication Header. Some other important components which make up IPsect are the Internet Security Association, as well as the Key Management Protocol.

 IP Transaction Header Extensions Modes

There are two standard modes that are used for the implementation of header extensions, and these are the transport mode and the tunnel mode. The transport mode will provide support for communications which are either client to server or client to client. It will not make use of any security gateways which intervene.

The tunnel mode will provide support for the remote access, along with secured communications that are site-to-site. The ESP header can also be useful in keeping your data secure. It provides encryption and data origin authentication.

In addition to this, ESP also offers authentication for the data origin, as well as data integrity and anti-replay services. ESP will function at either the transport or network layer, and ESP can also be used for securing the FTP session, and it does this by encrypting every bit of data which is transmitted during a session.

ESP will typically provide security against replay attacks by offering the sequence number inside the header. The sequence number is a distinct value which is placed inside the header via the sender, and will decide whether the packet is the duplicate that must be dropped.

How to Protect Data When Its in Transit

While there are many methods you can use to physically protect your electronic devices, whether it be laptops, PDAs, or any portable device, you are still not guaranteed that it won't be stolen. This should be obvious, since portable devices can easily be transported. While the theft by itself is frustrating, annoying, and very unnerving, this is only the start of your problems. The next you have to worry about is the vulnerability of information which is confidential. In addition to this, if your device can connect to the Internet, it is vulnerable to network attacks.

There are a number of things you can do to protect your devices from being stolen by others. The first is to make sure you use passwords in the proper manner. When you attempt to access certain types of information on your PDA, laptop, or other portable devices, you will often need to enter passwords. This is security that you should take advantage of. For your portable devices, it is wise to avoid having your computer remember certain passwords, since if the device falls into the wrong hands, it is easy for criminals to access your information.

It is also important to avoid picking passwords that the typical thief could easily decipher. One common mistake that many people make is using the same password for different programs. Sure, it is convenient, but if your device is compromised, it is also convenient for criminals to gain access to all your personal information. You will often find that there are additional authentication methods that you can use with your programs, and I would advise you to make use of them for extra security. It is wise to take all the security precautions necessary for your portable devices.

Storing Personal Data on Portable Devices

One of the biggest mistakes that many people make is storing personal information on their portable devices. Unless this information is heavily encrypted, you are asking for trouble. Even when the information is encrypted, if your device is stolen, and the person who gets it is determined and technically savvy, it will only be a matter of time before they break through your encryption.

The best way to avoid having your personal information compromised is to avoid storing it on your portable devices altogether.  Avoid putting credit card numbers, social security numbers, your address, or any other piece of personal information on your portable device. That way, if it is stolen, while you will be frustrated and annoyed, you will not have to worry about being victimized further by someone using your personal information.

There is a wide variety of storage media available on the market, and this includes zip disks, DVDs, floppy diks, and thumb drives, just to name a few. By placing your sensitive data on a media which is removable, and keeping it away from your portable devices, you will be protected.

Even then, you will want to make sure you keep the removable storage in a safe place so that it also is not easy to access, but removable media is just as easily transportable as portable devices, if not more so. Another thing that you will want to consider is encrypting your files.

Through the encryption of files, you will be sure that others cannot see your data, even when they are able to access it physically. One type of encryption that you will want to think about is full disk encryption, which can prevent the thief from even starting your laptop if they do not have the proper passphrase.

Installing Anti Virus and Fire Wall Program

Viruses can be just as destructive to your system as thieves, and the reason for this is because they can cause your system to crash, corrupt sensitive files, and even erase data. It is also important to keep the virus definitions up to date. It is also important to install a firewall on your system and maintain it.

While it is important to control the amount of traffic from entering and leaving your system, firewalls become extremely important when you are traveling and making use of various networks. Firewalls can stop unwanted outsiders for accessing your system.

It is also important to make sure you back up your data. This data should be backed up to either a DVD-ROM CD-ROM, or even a network. This is important so that you can still have access to critical information should your computer or portable device become compromised.

However, it would also be helpful if you could identify the information that a thief would be likely to access. In today's mobile world, one cannot afford to take the precautions which are necessary to protect their portable devices. Due to the rampant increase of identify theft, not taking the proper precautions can lead to highly undesirable consequences.

« « How to Effectively Protect Your System
How to use Hashes to Ensure Integrity » »

Author Description

Chandra Vennapoosa

Chandra Vennapoosa, B.S Arch Graduate, Managing Director - Exforsys Inc, Founder of exforsys.com and geekinterview.com. Chandra's mission is "to provide quality career coaching and interview advice for aspiring candidates". She is an avid writer and is also very passionate to help others become professional freelancers. In addition to several online trainings, she has authored the popular book "How to Become a Successful Freelancer"

Free Training

RSSSubscribe 392 Followers
  • Popular
  • Recent
  • Bus Topology

    February 21, 2008 - 0 Comment
  • Fiber Distributed Data Interface (FDDI)

    March 6, 2008 - 0 Comment
  • Network Designs

    February 24, 2008 - 0 Comment
  • Point to Point Protocol (PPP)

    March 6, 2008 - 0 Comment
  • Network Management

    February 24, 2008 - 0 Comment
  • Network Topology

    February 25, 2008 - 0 Comment
  • Synchronous Data Link Control (SDLC)

    March 13, 2008 - 0 Comment
  • Linux Thin Client Networks Design and Deployment

    October 2, 2009 - 0 Comment
  • Home Networking

    February 25, 2008 - 0 Comment
  • Switched Multi Megabit Data Service (SMDS)

    March 13, 2008 - 0 Comment
  • How to use Hashes to Ensure Integrity

    November 30, 2011 - 0 Comment
  • How to Effectively Protect Your System

    November 28, 2011 - 0 Comment
  • Network Security Firewall and Architecture

    November 26, 2011 - 0 Comment
  • Preventing Network Intrusion

    November 24, 2011 - 0 Comment
  • Creating and Developing Security Policies

    November 23, 2011 - 0 Comment
  • Linux Thin Client Networks Design and Deployment

    October 2, 2009 - 0 Comment
  • High Level Data Link Control (HDLC)

    March 29, 2008 - 0 Comment
  • IPv6

    March 20, 2008 - 0 Comment
  • High-Speed Serial Interface (HSSI)

    March 20, 2008 - 0 Comment
  • Frame Relay

    March 17, 2008 - 0 Comment

Exforsys e-Newsletter

ebook
 

Related Articles

  • How to use Hashes to Ensure Integrity
  • How to Effectively Protect Your System
  • Network Security Firewall and Architecture
  • Preventing Network Intrusion
  • Creating and Developing Security Policies

Latest Articles

  • Project Management Techniques
  • Product Development Best Practices
  • Importance of Quality Data Management
  • How to Maximize Quality Assurance
  • Utilizing Effective Quality Assurance Strategies
  • Sitemap
  • Privacy Policy
  • DMCA
  • Trademark Information
  • Contact Us
© 2023. All Rights Reserved.IT Training and Consulting
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.AcceptReject Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT