Group 2

DATA SECURITY AND ENCRYPTION: Protecting

Data Through Encryption and Data Integrity
1.HOW CAN ENCRYPTION BE USED TO PROTECT SENSETIVE DATA
WITHIN THE UNIVERSITY’S NETWORK?

 Scrambling plan text into unreadable ciphertext, which can only be deciphered
with a unique key. For example, this is like locking a door with a key , only those
with the right key can access the contents.
 Shielding from unauthorized access or interception during transmission.
 Mitigating the risk of Data theft and loss by making stolen data unusable
without encryption keys. It’s important for sensitive information like student
records and financial data.
 Ensuring confidentiality , especially during data transit and storage. This helps
to prevent unauthorized access even if physical device is compromised.
 Complying with data protection regulations and mitigating insider threats. Many
regulations, such as HIPAA ( Health Insurance Portability And Accountability Act)
and GDPR (General Data Protection Regulation) require organisations to
implement strong encryption measures to protect sensitive data.
 2. WHAT ENCRYPTION STANDARDS SHOULD BE IMPLEMENTED FOR STUDENT
INFORMATION , FACULTY RECORDS, AND RESEARCH DATA?

Symmetric Encryption standard refers to well-established protocols and algorithms

used globally for secure encryption. Same key is used for both encryption and decryption.
It is fast, efficient , suitable for large amounts of data. Examples of symmetric encryption
standards; AES(Advanced Encryption Standard), DES(Data Encryption Standard),
3DES(Triple Data Encryption Standard).

Answer: AES, it offers a high level of security, making it resistant to all known practical
attacks.
It uses different kinds of keys which allows for different levels of security based on the
sensitivity of the data.
It complies with various data protection regulations such as GDPR and HIPAA
3.WHAT TOOLS OR METHODS CAN ENSURE DATA INTEGRITY?

DATA INTEGRITY: MAINTENANCE AND ASSURANCE OF DATA ACCURACY OVER

ITS ENTIRE LIFE-CYCLE. It is the assurance that data is accurate ,complete and
consistent throughout its lifecycle.
• DATA VALIDATION :This is checking the accuracy and structure of data before
it is used.
• DATA ENCRYPTION: Use encryption techniques to protect data both at rest and
in transit which will prevent unauthorised access and maintain data integrity.
• DATA QUALITY ASSESMENT: Regularly assess and clean data to identify and
correct inaccuracies.
• DATA VERSIONING: Keep track of different versions of data to ensure changes
can be audited and reverted if necessary.
• CHECKSUMS: (An error detection method that uses a sequence of numbers
and letters to detect any bits of data lost during transmission) Use checksums
to detect errors in data transmissions and storage.
• AUDIT TRAILS: Maintain logs of data access and modifications to track
changes and identity potential breaches.
• BACKUP AND DISASTER RECOVERY: Regularly back up data and have a
recovery plan in place to restore data in case of loss or corruption.
4.HOW DOES ENCRYPTION IMPACT DATA BREACHES AND WHAT
MEASURES COULD HAVE PREVENTED THE BREACH IN THE SCENARIO?
DATA BREACHES:A security incident in which unauthorised parties access
sensitive or confidential information.
• DATA PROTECTION: Encryption converts sensitive data into a coded format,
making it unreadable without the decryption key. This ensures that even if data
is intercepted or stolen it remains inaccessible to unauthorised individuals.

MEASURES TO PREVENT DATA BREACHES

• STRONG PASSWORD POLICIES: Implementing strong password policies and encouraging
the use of complex unique passwords can help prevent unauthorised access.
• MULTI-FACTOR AUTHENTICATION: Using MFA adds an extra layer of security by requiring users to
provide two or more verification factors to gain access.
• DATA ENCRYPTION
• REGULAR SECURITY TRAINING: Conducting regular security awareness training for employees
helps them recognise and avoid phishing attacks or other social engineering tactics.
• ACCESS CONTROL: Adhering to the principle of least privilege ensures that employees only have
access to the data necessary for their job.
• SECURE THIRD-PARTY VENDORS: Ensuring that third parties comply with security standards and
practices help mitigate risks associated with third party associates.
• REGULAR SECURITY ASSESSMENTS: Conducting periodic security assessments and vulnerability
scans helps identify and address potential weakness in the system.
• PHYSICAL SECURITY MEASURES: Implementing physical security measures such as secure
THANK YOU!!!