Data File Encryption

CIA (more details in other read)

C - Confidentiality I - Integrity A - Availability

How to achieve confidentiality in enterprises file transfers

Encryption solutions are usually grouped into two categories: those that encrypt data-at-rest and those that decrypt data-in-transit. File transfers require both. When you encrypt data before (while in the sender's server), during (while traversing the network), and after (upon arrival at the recipient's server) a file transfer, you call that end-to-end encryption.

How to achieve integrity in enterprises file transfers

To achieve data integrity in your file transfers, you can use hash functions and digital signatures. These solutions will enable file transfer recipients to determine if the files they receive have been tampered along the way.

How to achieve availability in enterprises file transfers

Achieving high availability in enterprise file transfers requires a combination of redundancy, failover mechanisms, load balancing, monitoring, and troubleshooting. By implementing these strategies, organizations can ensure that file transfers remain available and reliable, even in the face of hardware, network, or other issues.

Hashes

A hash function is a mathematical algorithm that takes input data of chosen size and outputs a fixed-size string of characters, which is called a hash value. The hash function uses a one-way function. Hash functions are commonly used for data verification because they can detect whether any data has been altered.

Hash functions on any OS

You can understand how to check the hash of a file in any OS with this link: https://www.howtogeek.com/67241/htg-explains-what-are-md5-sha-1-hashes-and-how-do-i-check-them

Questions

You have been made responsible for the company’s file server. How would you preserve the three elements of the CIA triad?

The CIA Triad consists in confidentiality, integrity and availability. To preserve confidentiality, I would implement access controls to ensure that only authorized personnel can access sensitive data on the file server. To preserve integrity, I would implement regular backups to ensure that data can be restored in case of accidental or deliberate modifications. And finally, to preserve availability I would implement redundant systems, such as backup servers and network connections, to ensure that data can be accessed even if one system fails. And regular maintenance and monitoring procedures to detect and fix any potential issues before they can cause disruptions.

Explain how hashing verifies data integrity using non-technical terms.

Hashing is like making a digital fingerprint of a file. Just like your fingerprint is unique to you, a hash is unique to the file or data it represents. When you make a hash of a file, you get a long string of letters and numbers that represent that file or data. If someone changes the file or data, even by just one tiny bit, the hash changes too. So if you have the original hash and the file or data changes, the new hash won't match the original hash. This means you can check the hash of a file or data and compare it to the original hash to make sure nothing has changed. If the hashes match, you know that the file or data hasn't been tampered with or changed in any way.

How is hashing and encryption different?

The key difference between encryption and hashing is that encryption transforms data into a secret code that can be decrypted back to its original form, while hashing transforms data into a unique fixed-size output that cannot be reversed to its original form.