A practical guide for business owners looking to understand what cybersecurity is, sharpen their knowledge, and keep up-to-date with cybersecurity.
1. What is cyber security?
Cybersecurity refers to techniques and processes that ensure the safety of the information you store electronically. This information may include sensitive business data in a database on the cloud or on networked hard drives. It may also relate to data stored on portable devices, like smartphones or tablets.
People tend to think of cybersecurity in relation to sensitive customer or financial data. These certainly form much of the central focus of cybersecurity. However, the term also encompasses “softer” data targets, like policy documents, reports, and personal data.
Confidentiality is likely an idea with which you’re already at least broadly familiar. The term refers to the privacy of your data. When your information is confidential, it isn’t disclosed or accessible by any unauthorized individual or organization. Confidential data is private data. You control who sees it.
Some examples of how confidentiality can be assured include:
- Two-factor authentication: A process of entering both a master password and an additional access key to access private data
- Data classification: Setting up access permissions by record type to ensure that sensitive data is only available to authorized people, usually within a company
Whereas confidentiality refers to data access, the idea of integrity is more concerned with the accuracy of that data. Data integrity means you have an assurance that your data can’t be altered, augmented, or deleted — either by an unauthorized third-party or as a result of hardware or software failure.
Here are some concrete examples of how data integrity can be protected:
- Cloud backup solutions: Cloud-based platforms that automatically store backups of file data, allowing users to restore files if they are erased or become corrupted.
- File monitoring software: Software that monitors critical files to detect any attempted changes, both to their content and their file location. Any such modifications may be password protected or only be available to authorized individuals.
The concept of availability refers to a person or organization’s ability to access their data as needed. While some might assume availability is a less critical component of security, our continued migration to online data storage has made businesses and individuals vulnerable to direct attacks on data availability. This is known as a distributed denial-of-service (DoS) attack.