Recommendation of a security architecture for data loss prevention

Data and people are the most important assets of any organization. The amount of information that is generated increases exponentially due to the number of new devices that create information. On the other hand, more and more organizations are covered by some type of regulation, such as the General Data Protection Regulation. Organizations implement several security controls, however, they do not focus on protecting the information itself and information leakage is a reality and a growing concern. Based on this problem, there is a need to protect confidential information, such as clinical data, personal information, among others. In this regard, data loss prevention solutions (DLP – Data Loss Prevention) that have the ability to identify, monitor and act on data considered confidential, whether at the endpoint, data repositories or in the network, should be part of the information security strategy of organizations in order to mitigate these risks. This dissertation will study the topic of data loss prevention and evaluate several existing solutions in order to identify the key components of this type of solutions. The contribution of this work will be the recommendation of a security architecture that mitigates the risk of information leakage and that can be easily adaptable to any DLP solution to be implemented by organizations. In order to prove the efficiency of the architecture, it was implemented and tested to mitigate the risk of information leakage in specific proposed scenarios.A informação e as pessoas são os ativos mais importantes de qualquer organização. A quantidade de informação que é gerada aumenta exponencialmente devido à quantidade de novos dispositivos que produzem informação. Por outro lado, cada vez mais organizações são abrangidas por algum tipo de regulamento, como o Regulamento Geral de Proteção de Dados. As organizações implementam vários controlos de segurança, no entanto, não se focam na proteção da informação em si e a fuga da informação é uma realidade e uma preocupação crescente. Com base neste problema, existe a necessidade de proteger a informação confidencial, como dados clínicos, informação pessoal, entre outros. Neste sentido, as soluções de prevenção da fuga de informação (DLP – Data Loss Prevention) que têm a capacidade de identificar, monitorizar e atuar em dados considerados confidenciais, seja ao nível do endpoint, repositório de dados ou na rede, devem fazer parte da estratégia da segurança da informação das organizações por forma a mitigar estes riscos. Esta dissertação vai analisar a temática da prevenção da fuga de informação e avaliar várias soluções existentes com o propósito de identificar as componentes chave deste tipo de soluções. A principal contribuição deste trabalho será a recomendação de uma arquitetura de segurança que mitigue o risco da fuga da informação e que poderá ser facilmente adaptável a qualquer solução de DLP a ser implementada pelas organizações. Por forma a comprovar a eficiência da arquitetura, a mesma foi implementada e testada para mitigar o risco de fuga da informação em cenários específicos que foram definidos

UK security breach investigations report: an analysis of data compromise cases

This report, rather than relying on questionnaires and self-reporting, concerns cases that were investigated by the forensic investigation team at 7Safe. Whilst removing any inaccuracies arising from self-reporting, the authors acknowledge that the limitation of the sample size remains. It is hoped that the unbiased reporting by independent investigators has yielded interesting facts about modern security breaches. All data in this study is based on genuine completed breach investigations conducted by the compromise investigation team over the last 18 months

User-profile-based analytics for detecting cloud security breaches

While the growth of cloud-based technologies has benefited the society tremendously, it has also increased the surface area for cyber attacks. Given that cloud services are prevalent today, it is critical to devise systems that detect intrusions. One form of security breach in the cloud is when cyber-criminals compromise Virtual Machines (VMs) of unwitting users and, then, utilize user resources to run time-consuming, malicious, or illegal applications for their own benefit. This work proposes a method to detect unusual resource usage trends and alert the user and the administrator in real time. We experiment with three categories of methods: simple statistical techniques, unsupervised classification, and regression. So far, our approach successfully detects anomalous resource usage when experimenting with typical trends synthesized from published real-world web server logs and cluster traces. We observe the best results with unsupervised classification, which gives an average F1-score of 0.83 for web server logs and 0.95 for the cluster traces

Network and Database Security: Regulatory Compliance, Network, and Database Security - A Unified Process and Goal

Database security has evolved; data security professionals have developed numerous techniques and approaches to assure data confidentiality, integrity, and availability. This paper will show that the Traditional Database Security, which has focused primarily on creating user accounts and managing user privileges to database objects are not enough to protect data confidentiality, integrity, and availability. This paper is a compilation of different journals, articles and classroom discussions will focus on unifying the process of securing data or information whether it is in use, in storage or being transmitted. Promoting a change in Database Curriculum Development trends may also play a role in helping secure databases. This paper will take the approach that if one make a conscientious effort to unifying the Database Security process, which includes Database Management System (DBMS) selection process, following regulatory compliances, analyzing and learning from the mistakes of others, Implementing Networking Security Technologies, and Securing the Database, may prevent database breach

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view

Data Leaks Detection Mechanism for Small Businesses

The protection of sensitive customer information is a vital responsibility for companies of all sizes. In modern times, there is a significant need for not only protecting the data that is being shared but also gaining knowledge of its leakage points and the circumstances under which it is compromised. After locating the location where data is being lost, it is necessary to identify the person responsible for the breach. When it comes to protecting a company from suffering significant financial damage because of data leakage throughout the course of normal business operations, it is very essential to have a solid understanding of the individuals who are responsible for leaking the data. This study tries to discover how small firms might be assisted in protecting the sensitive information that they own. This study\u27s objective is to determine how sites of companies react to attacks that are damaging to their operations so that appropriate action may be taken

PCI DSS case study: Impact in network design and security

The Payment Card Industry Data Security Standard is a set of twelve security requirements applicable to all institutions and systems handling, storing or transmitting cardholder information. It was created by the main card brands in a united effort to respond to the increasing number of attacks and data breaches cases targeted and linked to card and cardholder data. The standard considers points such as policies design, data security, network architecture, software design, application security, transmission encryption requirements and so on. Being compliant with the standard can be both expensive and traumatic for any business willing to do it. This research analyzes the impact that this compliance achievement process can have on an enterprise. This work is focused on the networking infrastructure and security and application security in general. This is a case study based on a real situation, where real current procedures and implementations were evaluated against the standard requirements regarding networking design, security and applications security. This will provide a benchmark of the situation towards getting the compliance validation in the company subject of this case study

A Study on Security Attributes of Software-Defined Wide Area Network

For organizations to communicate important data across various branches, a reliable Wide Area Network (WAN) is important. With the increase of several factors such as usage of cloud services, WAN bandwidth demand, cost of leased lines, complexity in building/managing WAN and changing business needs led to need of next generation WAN. Software-defined wide area network (SD- WAN) is an emerging trend in today’s networking world as it simplifies management of network and provides seamless integration with the cloud. Compared to Multiprotocol Label Switching (MPLS) majorly used in traditional WAN architecture, SD-WAN incurs less cost, highly secure and offers great performance. This paper will mainly focus to investigate this next-generation WAN’s security attributes as security plays a crucial role in SD-WAN implementation. The goal of the paper is to analyze SD-WAN security by applying principles of CIA triad principle. Comparison of SD-WAN products offered by three different vendors in SD-WAN market with respect to its security is another important area that will be covered in this paper