
Major Project: Data protection

At present, one of the most valuable resources - if not the most valuable - is information. Data protection has become an essential part of almost every area of everyday life. The broad term "data protection" can be divided into two separate aims.

 

The most obvious goal is to keep and process data in a secure manner. The CIA triad expands on the meaning of "secure" in this context (SecurityScorecard, 2021).

C for Confidentiality. This component ensures that the right information can be accessed by individuals with the correct authorization. Unless information is public, any subject should have a legitimate reason to access certain data. Permission should be granted only for the necessary data and only for the period of time when such data is needed. Authorization should be revoked immediately after access to the data is no longer required.

I for Integrity. This is another fundamental component, one that protects the information itself. Data has to be reliable and correct, and thus must be kept safe from unauthorized changes.

A for Availability. Information needs to be accessible to authorized entities at any time. Disruption in availability could be caused by corruption or deletion of data, or by interference with the storage device or with the transfer of data - for example by a denial-of-service attack.
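The three rules in the Confidentiality paragraph (only the necessary data, only for the period it is needed, revoked as soon as it is no longer required) can be enforced by a single deny-by-default check. The sketch below is an added example, not part of the original post; the names Grant, GrantStore, can_read and demo, and the sample subjects and fields, are constructed for illustration.

```python
import secrets
import time
from dataclasses import dataclass

@dataclass
class Grant:
    subject: str
    fields: frozenset   # only the data fields this subject needs
    not_after: float    # expiry time, epoch seconds
    revoked: bool = False

class GrantStore:
    """Deny-by-default store of scoped, time-limited, revocable grants."""
    def __init__(self, clock=time.time):
        self._clock = clock   # injectable so expiry can be tested
        self._grants = {}

    def issue(self, subject, fields, ttl_seconds):
        if not fields or ttl_seconds <= 0:
            raise ValueError("grant needs at least one field and a positive lifetime")
        grant_id = secrets.token_hex(16)
        expiry = self._clock() + ttl_seconds
        self._grants[grant_id] = Grant(subject, frozenset(fields), expiry)
        return grant_id

    def revoke(self, grant_id):
        grant = self._grants.get(grant_id)
        if grant is not None:
            grant.revoked = True   # takes effect on the very next check

    def can_read(self, grant_id, subject, field_name):
        grant = self._grants.get(grant_id)
        if grant is None or grant.revoked or grant.subject != subject:
            return False
        return self._clock() < grant.not_after and field_name in grant.fields

def demo():
    now = [1000.0]   # constructed clock value
    store = GrantStore(clock=lambda: now[0])
    gid = store.issue("nurse-17", {"blood_type"}, ttl_seconds=600)
    checks = [store.can_read(gid, "nurse-17", "blood_type"),     # in scope
              store.can_read(gid, "nurse-17", "home_address"),   # out of scope
              store.can_read(gid, "clerk-02", "blood_type")]     # wrong subject
    store.revoke(gid)
    checks.append(store.can_read(gid, "nurse-17", "blood_type"))   # revoked
    gid2 = store.issue("nurse-17", {"blood_type"}, ttl_seconds=600)
    now[0] += 600
    checks.append(store.can_read(gid2, "nurse-17", "blood_type"))  # expired
    return checks
```

Only the first check in demo() is allowed; the out-of-scope field, the wrong subject, the revoked grant and the expired grant are all refused.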

 

The other, less obvious aim of data protection is to ensure that entities have control over their data and to enforce their rights regarding information. An information subject must express consent before data is collected or processed - consent cannot be assumed. A subject also has the right to modify or request deletion of part or all of the data. Any data leak or security breach that could possibly have exposed individual information needs to be disclosed to all affected entities. Those are examples of the rights every data subject has regarding their information (ICO, 2018).


At present, governments are paying increasingly more attention to privacy and data protection issues. The law is becoming more precise and tends to be unified internationally, for extensive protection and adaptation to services accessible worldwide.



References:

ICO, 2018. Guide to the General Data Protection Regulation (GDPR)/ Individual rights. [online] Information Commissioner's Office. Available at: <https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/> [Accessed 11 May 2022].

SecurityScorecard, 2021. What is the CIA Triad? Definition and Examples. [online] SecurityScorecard. Available at: <https://securityscorecard.com/blog/what-is-the-cia-triad> [Accessed 11 May 2022].

Comments

  1. Expand on your secondary research base to have more relevant information for this research.
