Introduction
Protecting information against loss or theft is a mission critical issue in present society. In efforts to reduce this vital issue, organizations have to successfully employ effective media security mechanism. Thus, hardware security ensures the computer system and peripherals are protected from electronic interloping, damage or theft as asserted by Gollmann (2011, p. 224). By ensuring safety of IT hardware, an organization can save a lot of money and time relating to data and hardware loss.
By exploring risks associated with storage media such as; theft, data remanence and data access, this paper discusses the hardware solutions and user policies that an organization can institute to reduce the chances of data exposure and enhance media hardware security.
Data Remanence
Data remanence is a security threat in stored data. Data remanence occurs when a file is not instantly deleted when a user initiates a “delete” action thus moving to a “holding” location to enable a user to reverse a mistake (Stewart et al, 2008, p. 508). This is sometimes caused by file managers, operating systems or other software’s. Efficient application of mitigation can be challenging in an organization. For instance, sometimes storage media can be inaccessible, cannot be successfully erased or have volatile data persistence in memory
According to Gollmann (2011, p. 265), several measures are available to reduce or curb data remanence. One method an organization can use is clearing the data. Clearing involves carefully removing sensitive data from storage media. This is to ensure the removed data cannot be reconstructed using ordinary system utilities or software or data recovery tools. Clearing is characteristically an administrative safety against unintentional leak within an organization (Stewart et al, 2008, p. 507).
Also, purging or sanitizing can be used to reduce data remanence. An organization can do purging before a storage media can be made available outside the intended department, disposal old media or transferring to a computer with unlike security obligation.
Lastly, an organization can physically destroy the storage media. Efficiency regarding physical obliterations varies. For example, density of the media, destruction technique may necessitate the recovery of data. However, destroying the media using appropriate technique ensure security of the media (Stewart et al, 2008, p 508).
Theft
Safeguarding data on storage media devices is important for an organization. Data stored on this hardware can be protected using various methods. According to Gollmann (2011, p. 173) the method employed by an organization should adequately be in tandem with organization IT security policies. This will ensure maximum protection is guaranteed. One method an organization can safeguard data from theft is physically confining a computers in a locked room and restricting access to authorized people. This method can also be applied on servers; computer hardware’s which serves as an essential routing point for information from or to connected computers and the internet (Stewart et al, 2008, p 545). The keys to computer rooms should be entrusted to a one person in case of any issue; he or she can be accountable.
Besides, some storage media for example have internal lock and key security. This is a kind of security password that is a must for one to access computer functions. This security policy works better when incorporated with restricted or unauthorized computer access thus safeguarding data.
Finally, an organization needs to have a comprehensive insurance against larceny of data. The insurance cover has to comprehensively cover the exact value of the hardware and data stored.
Data Access
Protecting an organizations data is vital for modern organization. The capacity of data or information a business or organizations endeavors to safeguard is surging exponentially. To guarantee data safety and integrity, organizations should embrace a variety of hardware security methods (Stewart et al, 2008, p. 190).
One of the security methods an organization can benefit from is using cryptography. Cryptography is a hardware technology which is used to protect confidential information (Rothke, 2005, p. 47). Its working principles entails hiding secret information, providing authentication to authorized users to prohibit undetected amendment and curb unauthorized use of network and its resources by impostors.
The principle of encrypting and decrypting is the mechanism to which cryptography lets secure flow of data within an organization. Organizations which employ this security measure will ensure integrity, confidentiality, authentication, availability and non-repudiation of the organization data. The key reason for confidentiality here is to provide protection and security of data from invasion of any kind (Stewart et al, 2008, p. 338).
Also, authentication will help in proving the true identity of the data owner thus issues of impersonation do not arise because the end recipient of data uses the private and public key.
Consequently, an organization should have a contingency plan of backing sensitive data. Computer hardware is stolen or sometime breaks down. Rothke (2005, p. 42) notes that, to be on the safer side and reduce time and expenses wasted on data recovery, an organization should select secondary storage devices. Depending on the volume of information to be stored and the capacity of the storage media to be used
Conclusion
Hardware security and end user policies help to reduce security threat in an organization. Organizations which have streamlined data access, hardware protection and data remanence policies are on the upper hand of reducing risks which might be poised uncertainly.
Reference List
Gollmann, D. (2011). Computer Security, New Jersey: John Wiley and Sons.
Rothke, B. (2005).Computer Security: 20 Things Every Employee Should Know, London: McGraw Hill Professional.
Stewart, J.M., Tittel, E., & Chapple, M. (2008). CISSP: Certified Information Systems Security Professional Study Guide, New Jersey: John Wiley and Sons.