Data security is the practice of protecting digital information from creation to deletion. When we talk about data security, we usually mean the protection of:
- Data Confidentiality – ensuring data cannot be seen by those who should not see it
- Data Integrity – ensuring data cannot be changed by those who should not change it
- Data Availability – ensuring data is available for those who need it when they need it
- Data Deletion – ensuring data is destroyed safely when no longer required
While the first three are commonly discussed, the introduction of legislation such as the General Data Protection Regulation (GDPR) has made it more important than ever that data is only retained as long as required for the initial reason that it was collected and securely deleted once its use case has expired.
Why is Data Security Important?
Data security is critical for all organisations. If we fail to protect the confidentiality of data we open ourselves up to a wide range of possible negative outcomes such as harm to individuals, loss of customers and revenue, and fines and lawsuits from governing bodies and those whose data has been exposed. If we fail to protect data integrity we cannot trust the decisions we make upon it. And if data isn’t available when it is needed it is needed the most, decisions cannot be made and orders cannot be shipped.
What Makes Data Security Challenging?
Data is everywhere. On end-user PCs, laptops, and mobile devices and smart phones, in databases, on servers, in cloud-hosted SaaS apps, and on social media. Everyone can create it, any many people will use it.
Structured data is more commonly managed and controlled by an organisations IT department. Unstructured data, on the other hand, can and will be stored anywhere, often without the IT team knowing about it.