Effective Data Security Policy, Data Recovery Techniques, And Secure Data Deletion Process

Data Security Policy Framework

Global Designs Limited recently updated its IT infrastructure, so its existing policies and plans are no longer effective. The company therefore contacted us to develop an effective data security policy. We also need to review its current data deletion procedure and its data recovery techniques. This section gives a detailed overview of the company's current data security system.


A data security policy is an important framework that helps an organization ensure the security of its confidential data. In general, a data security policy contains information for mitigating various problems. The developed data security policy must ensure the security and confidentiality of the data (Bellovin, 2016). This section discusses the security policy for Global Designs Limited. The developed data security policy concentrates mainly on three important functions (Al-Alwani, 2015), which are listed below.

  • Continuous monitoring
  • Risk identification
  • Risk mitigation strategy

The data security policy developed for Global Designs is listed below.

  1. Restrict unwanted access
  2. Secure data by strong passwords
  3. Strong email policy to reduce the risk of security incident
  4. Secure network infrastructure by implementing network security policies
  5. Secure the wireless network and the guest access by providing wireless network and guest access policy
  6. Mobile device policies to reduce the risk associated with mobile
  7. Scanning for threats or vulnerabilities in the network
  8. Account monitoring and controlling
  9. Rules for the use of cloud computing

Data recovery is the process of retrieving lost, corrupted, formatted or damaged data from internal or external hard drives, electronic devices, DVDs and CDs. A recovery technique is needed when logical damage has happened to the file system or physical damage has happened to the storage device (Tankard, 2017). Most data loss is recoverable: the data is often not completely lost even when the computer storage system has failed. In some situations, however, the lost data is permanently lost and cannot be recovered at all. Data recovery is done using appropriate data recovery tools and techniques (Bergkamp, 2002).

Data may be lost when it is accidentally erased, when the data control structure is overwritten, or when it becomes inaccessible or corrupted. The major causes of data loss are hard drive errors, human error, software corruption, natural disasters, computer crime and virus attacks. To avoid data loss, the following must be done (Bohannon et al., 2003).

  • Do not update software or hardware unless a backup exists
  • Physically secure the system from intruders
  • Use a firewall
  • Implement virus protection

Data loss can cause huge problems for a business, because recovering lost data consumes time and money. If data recovery is carried out quickly and with proper precautions, this problem can be avoided and the company can retrieve the lost data without difficulty.

There are two ways for data recovery (Kumar and Yadav, 2016). They are,

  1. Recovering data by using software
  2. Recovering data by using machines

The data recovering techniques are listed below.

  1. STM (Scanning Tunneling Microscopy)
  2. MFM (Magnetic Force Microscopy)
  3. SPM (Scanning Probe Microscopy) 

Scanning probe microscopy is one of the newer branches of microscopy. It uses a physical probe to scan the given specimen and form images of its surface. The image is obtained by raster scanning the specimen, line by line, by moving the probe mechanically. The probe-surface interactions are recorded as a function of position (Davis, 2003).


Scanning probe microscopy uses a sharp magnetic tip attached to a flexible cantilever. The tip is placed near the surface of the specimen to be analyzed. A topographic view of the surface is produced with the help of a computer, which acts as the controller (McCutchen, 2006).

Magnetic force microscopy is a new technique derived from scanning probe microscopy. It also uses a sharp magnetic tip and a flexible cantilever for the analysis. The field image of the surface is obtained by measuring the force while moving the magnetic tip, attached to the flexible cantilever, across the surface (M, V and R, 2015).

Scanning tunneling microscopy is a variation of magnetic force microscopy. Its probe is made of nickel. The analysis is done by scanning the surface with the probe and measuring the weak electrical current that flows between the probe tip and the surface of the sample. The image is then generated (Narayan Kulkarni and Kumar A. Jain, 2018).

These are the microscopic techniques used in the data recovery process. They have advantages as well as disadvantages. The advantages are that data can be recovered, a topographic view is obtained, and overwritten data can possibly be recovered. However, these techniques are costly and cannot be done at home (Scanning Probe Microscopy: Atomic Force Microscopy and Scanning Tunneling Microscopy Bert Voigtländer, 2016).

The following methods are used for secure data deletion or destruction. They are,

  1. Delete
  2. Degaussing
  3. Physical destruction
  4. Software Overwrite

The delete and format commands are used for data destruction, but they are not an effective way to delete data. They should therefore be avoided when secure data destruction is required.

Degaussing needs a strong electromagnetic field, which is created by a machine. The field is used to delete all data that is recorded magnetically. This process was effective in the past. Modern hard drives, however, use thicker shielding, so a stronger electromagnetic field is needed to delete the data. Otherwise there is no guarantee that the degaussing is complete, and partial degaussing may pose security risks (Weeks and Zhang, 2007).

In physical destruction, huge mechanical machines (shredders) shred storage media such as DVDs, CDs and hard drives into small pieces. This is an effective way of destroying data and preventing its recovery. Another example of physical destruction is drilling holes in the hard drive. Physical destruction does not delete the data from the storage media, but it makes the media inoperable, which prevents data recovery.


Software overwrite is also called ‘zeroization’. This method of data destruction needs a software program or a special application, which writes patterns of meaningless data on every section of the hard drive. The data is overwritten with a combination of 1s and 0s. The number of overwrite passes performed on the hard drive determines the security level achieved.
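The overwrite passes described above can be shown at file level. This is an added example, not part of the original report: the function names, the pass patterns (random, all ones, all zeros) and the sample file content are assumptions chosen for illustration.

```python
import os
import secrets
import tempfile

CHUNK = 64 * 1024
# One entry per pass: a single byte to repeat, or None for fresh random bytes.
DEFAULT_PASSES = (None, b"\xff", b"\x00")


def overwrite_file(path, passes=DEFAULT_PASSES):
    """Overwrite the full length of `path` in place, once per pass."""
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:
        for pattern in passes:
            fh.seek(0)
            remaining = size
            while remaining:
                n = min(CHUNK, remaining)
                fh.write(secrets.token_bytes(n) if pattern is None else pattern * n)
                remaining -= n
            fh.flush()
            os.fsync(fh.fileno())  # force this pass to storage before the next
    return size


def only_contains(path, pattern):
    """Read the file back and confirm every byte equals `pattern`."""
    with open(path, "rb") as fh:
        while chunk := fh.read(CHUNK):
            if chunk.count(pattern) != len(chunk):
                return False
    return True


def wipe(path, passes=DEFAULT_PASSES):
    """Overwrite, verify the final fixed pattern, then unlink the file."""
    overwrite_file(path, passes)
    if passes[-1] is not None and not only_contains(path, passes[-1]):
        raise IOError("verification failed: old data may remain in " + path)
    os.remove(path)
    return not os.path.exists(path)


def demo():
    # Constructed sample data standing in for a confidential file.
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as fh:
        fh.write(b"CONFIDENTIAL design drawings\n" * 5000)
    size = overwrite_file(path)
    zeroed = only_contains(path, b"\x00")
    return size, zeroed, wipe(path)


if __name__ == "__main__":
    print(demo())
```

In-place overwriting only reaches the original blocks on media that rewrite sectors in place; on SSDs and on copy-on-write or journaling file systems the old blocks may survive, so whole-device sanitization is the appropriate control there.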

Data Storage Solutions wanted to know the present state of its encrypted e-mail solutions, and whether any information can be extracted from the encrypted e-mails as they cross the network. If information is being extracted, Data Storage Solutions needs a way to solve that. In this section, several solutions to this problem are analyzed and compared.

E-mails are not secure by default. When an e-mail is sent over the internet, it is sent as plain text, which can easily be intercepted in cyberspace, and the personal information in it can be accessed by hackers or untrustworthy individuals. Encrypting e-mail means applying a coding scheme to the e-mail messages; a decoder is used to read encrypted e-mails. The coded e-mails are complex and need the right keys to read them. E-mail encryption uses two keys (Kakade, 2017): a private key and a public key. Public keys are used to encrypt messages. Private keys are used to decrypt messages. It is used by the sender to encode and decode the messages. The public key is shared with everyone but the private key is not (Davis, 2003).

The main aim of these encryption methods is security; encryption is needed to secure e-mails. There are many e-mail encryption methods. Some of them are given below (Khan, Alshomrani and Qamar, 2013).

  • TLS
  • PGP
  • S/MIME

  • Pretty Good Privacy

PGP encryption compresses the text, which reduces disk space and increases the security of the e-mails: hacking attempts stumble on the compressed information. PGP creates a secret session key for one-time use. The text of the e-mail is encrypted with the session key, and the session key, encrypted with the public key, is sent along with the encrypted e-mail. The receiver uses the private key to retrieve the PGP session key, after which the encrypted e-mail is decrypted (de Lozanne, 2006).

  • Secure/Multipurpose Internet Mail Extensions (S/MIME)

This method uses digital signatures and encryption to secure the transmission of e-mails. The following happens on the sender side when an e-mail is sent (Makarov, 2007).

  1. The message is composed
  2. Unique information regarding the sender is retrieved
  3. The sender's unique information is used to add the digital signature to the composed message
  4. The message is sent


The following happens on the receiver side when an e-mail is sent.

  1. The e-mail is received
  2. The digital signature is read
  3. The body of the received e-mail is read
  4. The information sent by the sender is identified
  5. The signing operation is run on the message
  6. The signature read on receipt and the digital signature on the message are compared
  7. The message is verified if the compared signatures match.
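The S/MIME sender and receiver steps above reduce to "sign a digest of the body, then recompute and compare". The following is an added example, not code from the original report, and it is deliberately simplified: it uses unpadded textbook RSA over a constructed key built from two well-known Mersenne primes, whereas real S/MIME wraps padded signatures and X.509 certificates in CMS. The function names and message text are assumptions.

```python
import hashlib

# Constructed toy key (assumption for illustration only): two Mersenne primes.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                                   # public modulus
E = 65537                                   # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))           # private exponent, held by the sender


def digest_int(body: bytes) -> int:
    """SHA-256 digest of the message body as an integer."""
    return int.from_bytes(hashlib.sha256(body).digest(), "big")


def sign(body: bytes) -> int:
    """Sender steps 2-3: bind the sender's private key to the composed body."""
    return pow(digest_int(body), D, N)


def verify(body: bytes, signature: int) -> bool:
    """Receiver steps 2-7: recover the signed digest with the public key,
    recompute the digest over the received body, and compare the two."""
    return pow(signature, E, N) == digest_int(body)


def send(body: bytes) -> dict:
    """Sender step 4: the message travels with its signature attached."""
    return {"body": body, "signature": sign(body)}


def receive(message: dict) -> bool:
    """True only if the body is exactly what the key holder signed."""
    return verify(message["body"], message["signature"])


if __name__ == "__main__":
    msg = send(b"Quarterly backup schedule attached.")  # constructed sample text
    print("untouched:", receive(msg))
    print("modified :", receive(dict(msg, body=b"Quarterly backup schedule removed.")))
```

A signature proves integrity and origin only; the body in this sketch is still readable in transit, which is why S/MIME pairs signing with encryption.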

Transport Layer Security (TLS) is an encryption protocol used to protect e-mails. It secures the transmission of e-mails by encrypting the communication channel, which on the internet lies between two or more systems. STARTTLS is an e-mail protocol command that tells the e-mail server to turn an existing insecure connection into a secure one. Transport layer security is the preferred encryption method. It is a new encryption method and offers robust security features (Jiang and Wen, 2011).
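Whether a given SMTP session was actually upgraded with STARTTLS can be checked from the readable part of a capture. This is an added example, not from the original report: the two transcripts are constructed, the host names and addresses are placeholders, and the function names are assumptions.

```python
SENSITIVE_VERBS = ("AUTH", "MAIL", "RCPT", "DATA")

# Constructed transcripts ("C:" client, "S:" server) of the plaintext part of
# two SMTP sessions; host names and addresses are placeholders.
UPGRADED = [
    "S: 220 mail.example.com ESMTP",
    "C: EHLO client.example.com",
    "S: 250-mail.example.com",
    "S: 250-SIZE 35882577",
    "S: 250 STARTTLS",
    "C: STARTTLS",
    "S: 220 2.0.0 Ready to start TLS",
]
CLEARTEXT = [
    "S: 220 mail.example.com ESMTP",
    "C: EHLO client.example.com",
    "S: 250-mail.example.com",
    "S: 250 SIZE 35882577",
    "C: MAIL FROM:<alice@example.com>",
    "S: 250 2.1.0 Ok",
    "C: RCPT TO:<bob@example.com>",
    "S: 250 2.1.5 Ok",
    "C: DATA",
]


def audit_smtp_session(lines):
    """Report whether the session was upgraded with STARTTLS and which
    sensitive commands crossed the wire before any upgrade."""
    advertised = upgraded = False
    last_verb = None
    exposed = []
    for raw in lines:
        side, _, text = raw.partition(":")
        side, text = side.strip().upper(), text.strip()
        if side == "C":
            last_verb = text.split()[0].upper() if text else None
            if last_verb in SENSITIVE_VERBS:
                exposed.append(last_verb)
        elif side == "S":
            # Capability lines look like "250-STARTTLS" or "250 STARTTLS".
            if text[:3] == "250" and text[4:].strip().upper() == "STARTTLS":
                advertised = True
            if last_verb == "STARTTLS" and text.startswith("220"):
                upgraded = True
                break  # later bytes are TLS records, not readable SMTP
    return {"advertised": advertised, "upgraded": upgraded,
            "exposed_before_tls": exposed}


def verdict(report):
    if report["upgraded"] and not report["exposed_before_tls"]:
        return "encrypted"
    if report["advertised"]:
        return "plaintext despite STARTTLS offer"
    # The offer may be absent on the server or may have been removed in transit.
    return "plaintext, STARTTLS not offered"
```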

The following are the best ways to send encrypted e-mails and secure messages.

  • Encrypt emails and server connection

If e-mails are sent without encryption, they may be read by attackers, so it is important to employ e-mail encryption software. It is also important to verify that the server connection is encrypted, which is done using TLS (Transport Layer Security). Decryption software is used to decrypt these e-mails. Most encryption software is costly, but TrueCrypt is free software (Koblischka et al., 2008).

  • Secure Sockets Layer (SSL) protection

If the user accesses e-mail accounts through a web browser, there are many opportunities for attack, so it is important to check that the connection is encrypted with SSL protection (M. and H., 2017). Network monitoring is an important part of network security. The possibility of extracting information is limited when the traffic is encrypted. If the traffic is not encrypted, the information may be extracted from the unencrypted initialization phase and also from the encrypted transport phase. Traffic encryption is also known as HTTPS, which stands for HyperText Transfer Protocol for Secure connection. This protocol is used to secure the information. It is a combination of the HTTP, SSL/TLS and TCP protocols. It provides better security and is widely used on the internet. It protects mail sent over the internet from man-in-the-middle attacks (Kurt and Duru, 2015).

Comparison of Email encryption with SSL protection

| Email Encryption | SSL Protection |
|---|---|
| Encrypts the e-mails using encryption software | Provides a secure connection |
| Denies unauthorized access | It is also known as HTTPS. HTTPS is a combination of HTTP, SSL/TLS and TCP |
| Needs decryption software to decrypt the e-mails | Used to secure the sensitive information in the e-mail |
| Prevents information extraction from the e-mails | Protects the e-mails from attacks |

Guidelines

  • Use any one of the encryption methods mentioned above to encrypt e-mails in order to secure the message.
  • Encrypt e-mails to avoid extraction of messages.
  • Use the HTTPS protocol to secure the connection.
  • Implement a firewall to avoid unauthorized access to the e-mail server.

In this task, the given pcap file is analyzed using the Wireshark application. Traffic analysis is performed on the captured packets, and the requirements are met using Wireshark. The frame, the source and destination IP addresses, and the source and destination MAC addresses are found. Screenshots are added for the specification (Jyothi, Verma and Shanker, 2010).

The packets are captured from the given file and displayed in the above two screenshots. The captured packets show different types of protocols, and information such as time, source, destination, protocol and length is provided. For each protocol, the frame length and the internet protocol version are displayed in the screenshots (Ndatinya et al., 2015).


The file properties are obtained by opening the capture file properties. In total, 12698 packets were captured. Packet capture started on 30-09-2015 at 21:40:17 and ended at 21:43:35. There are no dropped packets (Qin, Zhang and Zong, 2013).

Finding the IP address 

The display filter tcp.stream eq 35 is applied and the results are returned. Packets 765 and 773 are obtained from the analysis. Both packets use the Transmission Control Protocol, and packet information such as ACK and SYN is shown for them.

Start frame 

The start frame of the stream is 765. The frame length is 58 bytes and the capture length is 58 bytes. The encapsulation type is Ethernet. The arrival time is September 30, 2015.

IP address of source and destination 

The source and destination IP addresses are mentioned for the corresponding protocol.

The source IP address is 192.168.97.4 and the destination IP address is 192.168.97.250. These IP addresses belong to the TCP packet. The total length is 44.

Port used by the initializing host and destination host

The ports of the initializing host and the destination host are shown: the source port is 57734 and the destination port is 25 (Practical Packet Analysis: using Wireshark to solve real-world network problems, 2011).
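The fields read off in Wireshark above (frame length, MAC addresses, IP addresses, IP total length, ports) can also be decoded directly from the frame bytes. This is an added example, not part of the original analysis: the frame is constructed to carry the reported values for frame 765, and the MAC addresses, sequence number, SYN flag and MSS option are assumptions because the report does not give them.

```python
import socket
import struct

TCP_FLAGS = (("FIN", 0x01), ("SYN", 0x02), ("RST", 0x04),
             ("PSH", 0x08), ("ACK", 0x10), ("URG", 0x20))


def build_sample_frame():
    """Constructed 58-byte frame carrying the values reported for frame 765.
    MAC addresses, sequence number, SYN flag and MSS option are assumptions."""
    eth = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 44, 0x1234, 0, 64, 6, 0,
                     socket.inet_aton("192.168.97.4"),
                     socket.inet_aton("192.168.97.250"))
    tcp = struct.pack("!HHIIHHHH", 57734, 25, 1000, 0, (6 << 12) | 0x02, 1024, 0, 0)
    return eth + ip + tcp + struct.pack("!BBH", 2, 4, 1460)  # MSS option


def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_frame(frame):
    """Decode Ethernet II / IPv4 / TCP headers into the fields Wireshark shows."""
    if len(frame) < 14 + 20 + 20:
        raise ValueError("frame too short for Ethernet + IPv4 + TCP")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ihl = (frame[14] & 0x0F) * 4                 # IPv4 header length in bytes
    if frame[14] >> 4 != 4 or ihl < 20 or frame[23] != 6:
        raise ValueError("not an IPv4 packet carrying TCP")
    total_len = struct.unpack("!H", frame[16:18])[0]
    tcp_at = 14 + ihl
    if len(frame) < tcp_at + 20:
        raise ValueError("truncated TCP header")
    sport, dport, _seq, _ack, off_flags = struct.unpack(
        "!HHIIH", frame[tcp_at:tcp_at + 14])
    return {
        "frame_len": len(frame),
        "src_mac": fmt_mac(src_mac), "dst_mac": fmt_mac(dst_mac),
        "src_ip": socket.inet_ntoa(frame[26:30]),
        "dst_ip": socket.inet_ntoa(frame[30:34]),
        "ip_total_len": total_len,
        "src_port": sport, "dst_port": dport,
        "tcp_header_len": (off_flags >> 12) * 4,
        "flags": [name for name, bit in TCP_FLAGS if off_flags & bit],
    }


if __name__ == "__main__":
    for field, value in parse_frame(build_sample_frame()).items():
        print(f"{field:15} {value}")
```

The numbers are self-consistent: 14 bytes of Ethernet header plus an IP total length of 44 gives the 58-byte frame, and destination port 25 identifies the stream as SMTP.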

The screenshots below represent the packet flow and the existing traffic. The sent and received packets appear, and information such as acknowledgements and success messages is placed in the packet flow. If any traffic occurs the packet flow will be intercepted.

References

Al-Alwani, A. (2015). Improving Email Response in an Email Management System Using Natural Language Processing Based Probabilistic Methods. Journal of Computer Science, 11(1), pp.109-119.

Bellovin, S. (2016). Easy Email Encryption. IEEE Security & Privacy, 14(6), pp.96-96.

Bergkamp, L. (2002). EU Data Protection Policy. Computer Law & Security Review, 18(1), pp.31-47.

Bohannon, P., Rastogi, R., Seshadri, S., Silberschatz, A. and Sudarshan, S. (2003). Detection and recovery techniques for database corruption. IEEE Transactions on Knowledge and Data Engineering, 15(5), pp.1120-1136.

Davis, P. (2003). Data Management: Data Destruction and Preservation, Part 2. EDPACS, 31(4), pp.1-8.

Davis, P. (2003). Data Management: Data Destruction and Preservation, Part 1. EDPACS, 31(3), pp.1-15.

de Lozanne, A. (2006). Application of magnetic force microscopy in nanomaterials characterization. Microscopy Research and Technique, 69(7), pp.550-562.

Jiang, H. and Wen, J. (2011). Security Policy of Data in Enterprise Data Trusteeship Database. Advanced Materials Research, 187, pp.358-361.

Jyothi, M., Verma, D. and Shanker, D. (2010). Implementation and Analysis of Email Messages Encryption and Image Steganography Schemes for Image Authentication and Verification. International Journal of Computer Applications, 5(5), pp.22-27.

Kakade, A. (2017). Self Destruction of Data using Active Storage. International Journal for Research in Applied Science and Engineering Technology, V(IV), pp.1329-1334.

Khan, M., Alshomrani, S. and Qamar, S. (2013). Investigation of DHCP Packets using Wireshark. International Journal of Computer Applications, 63(4), pp.1-9.

Koblischka, M., Wei, J., Richter, C., Sulzbach, T. and Hartmann, U. (2008). Advanced Cantilevers for Magnetic Force Microscopy and High Frequency Magnetic Force Microscopy. Scanning, 30(1), pp.27-34.

Kumar, A. and Yadav, J. (2016). Comparison: Wireshark on different parameters. International Journal Of Engineering And Computer Science.

Kurt, M. and Duru, N. (2015). Email Encryption using RC4 Algorithm. International Journal of Computer Applications, 130(14), pp.25-29.

M, K., V, M. and R, N. (2015). Email Privacy with Encryption Standards. IARJSET, 2(12), pp.160-163.

M., H. and H., M. (2017). A Survey of Email Service; Attacks, Security Methods and Protocols. International Journal of Computer Applications, 162(11), pp.31-40.

Makarov, P. (2007). Evolutionary nature of destruction of solids and media. Physical Mesomechanics, 10(3-4), pp.134-147.

McCutchen, C. (2006). Transmission line probes for scanning photon-tunneling microscopy. Scanning, 17(1), pp.15-17.

Narayan Kulkarni, N. and Kumar A. Jain, S. (2018). Survey on Data Integrity, Recovery, and Proof of Retrievability Techniques in Cloud Storage. International Journal of Engineering & Technology, 7(3.6), p.55.

Ndatinya, V., Xiao, Z., Manepalli, V., Meng, K. and Xiao, Y. (2015). Network forensics analysis using Wireshark. International Journal of Security and Networks, 10(2), p.91.

Practical Packet Analysis: using Wireshark to solve real-world network problems. (2011). Network Security, 2011(8), p.4.

Qin, J., Zhang, Y. and Zong, P. (2013). Research on Data Destruction Mechanism with Security Level in HDFS. Advanced Materials Research, 834-836, pp.1795-1798.

Scanning Probe Microscopy: Atomic Force Microscopy and Scanning Tunneling Microscopy Bert Voigtländer. (2016). MRS Bulletin, 41(02), pp.165-166.

Tankard, C. (2017). Securing emails. Network Security, 2017(6), p.20.

Tarasov, V. and Malakhov, S. (2015). Statistical data handling program of Wireshark analyzer and incoming traffic research. Proceedings of the Institute for System Programming of the RAS, (3), pp.303-314.

Weeks, B. and Zhang, G. (2007). High-pressure Scanning Tunneling Microscopy: Tip Reactions. Scanning, 29(1), pp.5-10.