Data Security Case Study of Snowdenia County Council

Question: Describe about the Data Security Case for Study of Snowdenia County Council. Answer: Introduction Today the people and organizations are living in an interconnected world and are producing a lot of data or information as a result of day to day transactions [9]. This data are very sensitive in nature and can be used against organizations as well as individuals. In present scenario, each and every industry or organization is threatened by intrusion or attacks to its database. This exposure of data due to the intrusion helps criminals to breach the privacy of an individual and can affect the business of an organization [7]. As an administrative governing body, the data in the databases of Snowdenia council is very much sensitive. Hence if this data is exposed publically it can create a huge massacre. This report focuses on different methods to secure the data from the different breach and intrusions that can affect Snowdenia county council such as ARP poisoning, intrusion through WiFi networks. Moreover, the report also comprises discussion about different techniques to secure the integrity, confidentiality and the availability of data. In addition to that, criticism about previous attacks, counter measures that may have prevented the attacks are also discussed in this report. (I) Securing Confidentiality, Integrity and the Availability of the Data for Council Information a. Confidentiality, Integrity and the Availability Confidentiality: The confidentiality of data is about protecting the data from unauthorized or outside the council access. The data at Snowdenia county council has its own value due to its sensitiveness (like tender information, budgets). Since counties are elected governing bodies of an area. Therefore database or workstations may consist of some data that is not intended to expose publically [8]. Therefore, to protect the government documents or tender information, it is important to ensure the confidentiality of data at Snowdenia county council. Several measures can be adopted to do this such as Encryption: The encryption of data helps to ensures that only desired people or authority can read or decrypt the information. In order to ensure confidentiality of data the encryption is widely used in the different organizations [5]. Different security protocols like the SSL/TLS are used by the organizations like Snowdenia council, to ensure the secure exchange of data over internet channel. Other methods like, enforcing file permissions and restricting access to the database can also help in ensuring the confidentiality of data at Snowdenia county council [4]. Integrity: Reliable access to data is essential for most of the applications. If a minor change is neglected in early stages then it can cause loss of huge amount of data in the future [3]. This loss of data affected badly on the performance of the council. The integrity of data is about protecting the data from unauthorized modification or alteration of data from inside or outside of the organization. The integrity of data is important for the proper use of it in different applications. Since, data is valuable to an individual or organization if and only if it is correct [10]. In order to ensure integrity of the data the cryptography plays a very vital role. Other methods like hashing are also used to ensure integrity by comparing the hash code of send and the received message. More significantly the use of GPG to digitally sign data helps in the prevention of unwanted and unauthorized data alterations in database. Moreover, it has to be ensured that data at the organization are cor rectly valued like the configuration of the log files have to be perfect [9]. In addition to that, checking of the integrity of data at different granularity levels is also helpful. Availability: Availability of data refers to protection of data and related systems from unauthorized interference [12]. Ensuring availability of data is all about ensuring timely and reliable access to data and to related systems by the authorized users [3]. Being a governing body it is important that only authorized people of Snowdenia council can access its database. There are two main components that are helpful in ensuring the availability of data to its users. First, rules for the systems related to data. These are ensuring the system that operates on data to deliver data whenever it is needed, and the second one is back up of data to ensure the availability of data in case of system failure or loss of data [5]. For systems, its important to know the users, who need to know a particular data and provide it to them. This process is important to make the data available, since each and every user does need all the available organizational data. b. Policies and procedures used to underpin the security aware operations The following policies and procedures can help in ensuring the security aware operations on the organizational and personal data of the Snowdenia county council 1) In its whole lifecycle, all the organizational data shall be protected in a way that is considered reasonable and appropriate [7]. Also the appropriate level of sensitivity and value should be given to organizational data. 2) Any Information System that is used for storing, processing or transmitting the data shall be secured in a manner that is reasonable and appropriate for security of the data. 3) Individuals who have authority to access organizational data should stick to their appropriate roles and responsibilities. 4) In order to save the data from internal intrusions, it is important to encrypt all the disk data as well as email lists in any system [12]. 5) Use of the SSL (Secured socket layer) in the data collection process also helps in preventing the intrusion or breach to the database. (II) Criticism of the Previous Hacking Problem The hacking of the data base includes, use of the ARP poisoning, password cracking and access via internet Wi-Fi facility. a. ARP poisoning ARP poisoning Attack: This attacks work on establishing connections between the attacker and victim machines [1]. This attack depends on the network messages between them. In this type ofattacks, a malicious actor sends falsifiedAddress Resolution Protocol (ARP) messages over a LAN. This helps in the linking of an attacker's computers physical address (MAC address) with the IP address of a legitimate computer or server on the network of Snowdenia council [2].The main aim of these attacks is to redirect the internet traffic to the attackers machine from councils workstations. Mitigation of ARP attacks: In order to protect its computer network the council may have used the ArpON. This is a portable handler daemon and secures the ARP protocol from any kind of spoofing [8]. Moreover use of the dynamic ARP inspection is also helpful in defending this type of attacks. b. Password cracking Password Cracking: The password cracking can be done in different ways. Some of them are defrauding, user analysis, algorithm analysis etc [11]. For the Snowdenia council mainly the defrauding and algorithm analysis are used to crack the user passwords. In case of defrauding, attacker mails or calls the target and pretends to be a security expert to gain passwords. In case of user analysis, attacker tries to analyze online behavior of target to guess and gain the password of its victim. Mitigation from Password cracking attacks: In order to protect the network from password cracking it is important to educate the users of work stations at council [8]. Use of dynamic passwords is also helpful in this scenario. This technique is about the using a onetime password for users to use their workstations. c. Access via internet Wi-Fi Access via internet Wi-Fi: Even though Wi-Fi networks are easily accessible but at the same time this networks are not safe always. In case of Snowdenia county council the attacker infiltrated the less secured wireless network to steal the data from its database [6]. As a result of using the unsecured wireless network at the Snowdenia county council, the attackers breached its data base using it. Mitigation: The mitigation of the risks related to unsecured wireless networks like , Wi-Fi networks can be done using different techniques [2]. The attacks mainly exploited WPS vulnerabilities of wireless network of Snowdenia council. Therefore the network should be encrypted so that it cannot be penetrated easily by attackers. Moreover by disabling remote access from different connected devices also helps in securing the whole network of Snowdenia county council [1]. Moreover it is suggested that to use a firewall so that, incoming and outgoing data packets can be checked and the suspicious packets can be dropped at the edge of its network. (III) Details of the Auditing Approach to Demonstrate Better Compliance In order to demonstrate better compliance with data protection legislation some of the following approaches can be taken. These approaches includes the following, Appointing someone in the council, who is responsible for compliance The person should familiarize staffs and the leaders of the organization with the Acts, guidance and relevant case laws [2]. The appointed person should audit the daily use of personal data at the organization and check its compliance. More over it is important for council to process the data fairly and lawfully. Other considerations like storing adequate and relevant personal data [4]. In addition to that, data should not be stored for longer periods than its requirement. Conclusion The data breach at the Snowdenia county council caused it a loss of huge amount of organizational as well as personal data stored at the database of it. Therefore the mitigation processes like, use of dynamic passwords, securing wireless networks by preventing remote access, use of ArpON to protect the organizational network of Snowdenia council from ARP poisoning attacks. Moreover, to secure the network and to show the better compliance with the data protection legislation the council should appointed security personnel, who will ensure data audit process inside the organization. All this methods can help the Snowdenia council to protect its database from the further breaches. References [1]D. Srinath, S. S.Panimalar, A. Simla and J. J.Deepa, "Detection and Prevention of ARP spoofing using Centralized Server",International Journal of Computer Applications, vol. 113, no. 19, pp. 26-30, 2015. [2]A. M., W. S.Elkilani and K. M.Amin, "An Automated approach for Preventing ARP Spoofing Attack using Static ARP Entries",International Journal of Advanced Computer Science and Applications, vol. 5, no. 1, 2014. [3]S. Nam, S. Jurayev, S. Kim, K. Choi and G. Choi, "Mitigating ARP poisoning-based man-in-the-middle attacks in wired or wireless LAN",EURASIP J Wirel Commun Netw, vol. 2012, no. 1, p. 89, 2012. [4]H. Ma, H. Ding, Y. Yang, Z. Mi, J. Yang and Z. Xiong, "Bayes-based ARP attack detection algorithm for cloud centers",Tinshhua Sci. Technol., vol. 21, no. 1, pp. 17-28, 2016. [5]M. Ko, S. Oh and K. Lee, "Advanced protocol against MITM attacks in Industrial Control System",Journal of the Korea Institute of Information Security and Cryptology, vol. 25, no. 6, pp. 1455-1463, 2015. [6]U. Gupta, "Survey on Security Issues in File Management in Cloud Computing Environment",International Journal of Computer Applications, vol. 120, no. 5, pp. 22-24, 2015. [7]M. AlZain, B. Soh and E. Pardede, "A Survey on Data Security Issues in Cloud Computing: From Single to Multi-Clouds",JSW, vol. 8, no. 5, 2013. [8]W. Ren, J. Lin, Q. Cao and Y. Ren, "LibTiP: a lightweight and robust scheme for data trustworthiness and privacy protection in participatory sensing",IJES, vol. 8, no. 23, p. 266, 2016. [9]J. Singh, J. Powles, T. Pasquier and J. Bacon, "Data Flow Management and Compliance in Cloud Computing",IEEE Cloud Comput., vol. 2, no. 4, pp. 24-32, 2015. [10]S. Romanosky, D. Hoffman and A. Acquisti, "Empirical Analysis of Data Breach Litigation",Journal of Empirical Legal Studies, vol. 11, no. 1, pp. 74-104, 2014. [11]D. Gray and J. Ladig, "The Implementation of EMV Chip Card Technology to Improve Cyber Security Accelerates in the U.S. Following Target Corporation's Data Breach",IJBA, vol. 6, no. 2, 2015. [12]C. Huth, D. Chadwick, W. Claycomb and I. You, "Guest editorial: A brief overview of data leakage and insider threats",Information Systems Frontiers, vol. 15, no. 1, pp. 1-4, 2013.