9 5 2024 - rtji0/Arthur-Tech-Journal GitHub Wiki

9-5-2024

Locks

  • Electronic combo lock
  • Not perfect, can still be bypassed several ways
  • Physical key as a backup always practical - but key has no record of entry

Data Leak Prevention

  • Intentional and unintentional data leakage is a significant means of letting data escape
  • Faraday cage, protected cable distro systems

fuuv

  • Unauthorized people can read electromagnetic signals given off by any electronic device (EMI)
  • Faraday cages prevent entry or exit of electromagnetic fields
  • Faraday bags - more portable

Fiber Optic Cable

  • Way faster than conventional cables like coaxial, but requires boosters to continue transmitting

Protected Distribution System (PDS)

  • A system of cable conduits used to protect classified info transmitted between two secure areas
  • Hardened carrier PDS - installed in electrical metallic tubing
  • Alarmed carrier PDS - deployed with optical fibers that can sense acoustic vibrations that are triggered when an intruder tries to get access to cables

Computer Hardware Security

  • Cable lock - target electronics aisle type lock to prevent cable removal

Data Classifications

  • Confidential - Highest level of data sensitivity
  • Private - Restricted with medium level of confidentiality
  • Sensitive - Data that could cause catastrophic harm, ie specs for a new product
  • Critical - Classified according to availability needs, can cause issues if lost
  • Public - No risk
  • Restricted - Not available to public

Types of Data

  • Regulated - External Stipulations placed on who can see and why
  • Intellectual Property
  • Trade Secret
  • Legal Info
  • Financial Info
  • Human Readable
  • Non Human Readable (bar codes, qr codes)

Protecting Data

Three states of data

  • In Processing - being used within a single device
  • In Transit - being sent from device to device
  • At Rest - stored

Geolocation

  • All techniques that identify data's location

Data Sovereignty

  • Data is subject to laws of the country where it is collected or processed

Data Security Methods

  • Data Minimization - Limiting collection and storage of data unless necessary
  • Data Masking - Concealing data so that it will be harder to find
  • Tokenization - Replacing sensitive data with non-sensitive placeholders
  • Restrictions - Controls that limit data access based on roles and responsibility
  • Segmentation - Compartmentalizing network resources to reduce potential attack vectors - send data in smaller unreadable parts so that if it is stolen, it is still worthless