Data Integrity — How to Choose the Right IT System & InfrastructureJan 10, 2020
Data is crucial for every company to survive. In 2020 there will be around 40 zettabytes (40 trillion gigabytes or 40.000.000.000.000.000.000.000 bytes) of data. In 2010 the data size was about 1.2 zettabytes, so it only took ten years to quadruple the amount of data. Collecting data is quite easy today as more and more data is produced, and the infrastructure enables us to save, process, and use data in an easy way. Because they are of such a high value, they are in danger of being compromised, and compromised data are of little or no use to any company. Every loss of sensitive data represents a significant danger to both the company and its customers and stakeholders.
Thus, data is increasingly important, and even more important is the integrity of the data that’s collected. Data integrity refers to the accuracy, completeness, and consistency of data over its full lifecycle. Furthermore, it is about the safety of data regarding regulatory compliance, e.g., GDPR compliance, and security. Data integrity refers to a state and a process also. On the one hand, data integrity describes the state that the data set is valid and accurate. On the other hand, data integrity is a process, including all measures that are used to ensure the validity and accuracy of data in a database.
Data Integrity Risks
Especially when a company chooses a new IT system or infrastructure service, the risks of losing data integrity should be considered, as data integrity can be compromised in many different ways.
- Human Errors
Employees and individuals may enter incorrect information, delete or duplicate data, or do not follow a given protocol. Human errors occur both unintentional and in a deliberate way.
- Transfer Errors
Often data is transferred from one place to another. If the data isn’t successfully transferred to another location, we talk about transfer errors.
- Attacks and Other Cyber Threats
As we all know, spyware, malware, or a virus can affect anyone and alter, delete, or steal data. What is more, cyber-attacks or insider threats are a possible risk for data integrity.
- Compromised Hardware
Computer or server crashes, problems with a computer, or other device functions are failures and may indicate that your hardware is compromised. Your data may be rendered incorrectly or incompletely, you may lose access to your data, or your data is hard to use. Compromised hardware also includes device or disk crashes and physical compromise to devices.
Fortunately, there are many simple ways to minimize or even eliminate these risks within your network and infrastructure. The integrity can be achieved by appropriate processes, rules, and standards.
Several steps make sure your data is valid and accurate.
- Validate Input
Always validate the received data, whether it is from a known or unknown source (this can be an employee or an external source). If you verify the input, you can make sure that your data is correct.
- Validate Data
Make sure your data is validated when you gather and use it. Define appropriate rules for how data should be saved and maintained. These rules can include data type, length of the input, certain expressions. By validating your data, you make sure no flawed data is inserted into your systems.
- Remove Duplicate Data
Often sensitive data from a secure database is saved in other documents, e-mails, or excel sheets. Make sure your data is not saved in wrong places and delete duplicate data to ensure accurateness and consistency. There are several software solutions for finding and deleting duplicate data available.
Proper and well-protected data back-up is one of the most important security aspects of data integrity. A back-up and recovery strategy ensure data security and prevent data loss. There are different sorts of data back-ups that vary in:
- frequency of back-up (daily, weekly, monthly, etc.)
- location of back-up data (you can choose between onsite backup in the same data center, maybe even on the same server or off-site backup in another data center or choose a cloud backup solution.)
- storage type (NAS, SAN, S3) and
- vendor of the storage hardware.
Which back-up method suits your requirements best, can be found out here: Hosted Backup Options. If your data is compromised in any way, back-ups help in the reconstruction of data through media recovery and physical and logical data restoration.
Limit Access to Data and Consider Social Hacking
You can limit access to data or define permissions to restrict changes to information by unauthorized individuals. This measure can minimize human errors. Even if people are not deliberately trying to delete or change data, they can harm data integrity severely.
Furthermore, external people can intentionally harm your data. A possible way is the principal of minimal rights. A user only gets access to those data that are relevant to them. Please make sure you also limit access to your server — also the physical server location.
The limited access can also help in mitigating the risk of social hacking. With social hacking, criminals try to gain access to restricted information or sensitive data. This is done with extensive research on possible weaknesses of individuals, e.g., employees of the company, and try to trick them into disclosing their login credentials. If you control access to data or use the principle of minimal rights, this form of data loss can certainly be restrained.
Always keep track of your data with the use of logs. You easily keep the overview when data is added, modified, or deleted. This should be done automatically, and the user should not be able to access these logs or manipulate them. All changes can be traced back to the specific user and the specific timestamp. Anexia offers the Log-Management tool CloudLog. It allows you to handle big data, and with its alert functions, you are always immediately notified if irregularities in the data logs are detected.
Reduce Transfer Errors
Data is often moved from one place or one device to another. During his movement, data can also be compromised in different ways. If you transfer your data from one server to another, you can make use of redundant transmission of data, i.e., data redundancy. This can be achieved by using a redundant network. Even if one connection fails, the other connection can move the data safely to another server, and no loss of data occurs. With a fully redundant network, Anexia can offer this safety for your company.
Integrity offers the possibility always to have real-time situational awareness for every bit of data and independent verification of everything that happens in your network. It is possible to react immediately if there is an incident or threat. And you can easily detect any misconfiguration or failure within your network.
Auditability and transparency are two main aspects of integrity if implemented correctly. If your network, IT systems, and infrastructure include all named measures for integrity, you are well prepared for all the threats in cyberspace.