Running head: DATA INTEGRITY THREATS TO ORGANIZATIONS1
DATA INTEGRITY THREATS TO ORGANIZATIONS10
Data Integrity Threats To Organizations
Student’s Name
Institutional Affiliation
Abstract
The purpose of this paper is to define data integrity and to explain in detail its importance to any particular organization or enterprise. This paper goes into detail and discusses the main threats to data integrity which include cyber-attacks, transfer errors, human error, compromised hardware and malware.
Solution
s to these threats are also highlighted and the possible recommendations are given. The data collected for the purpose of this research paper came from questionnaires and literature reviews. The paper makes use of the qualitative research methodology based on the data collected from the questionnaires, literatures and interviews. Threats to data integrity are seen to have adverse effects on the productivity and profitability of many organizations.
Data Integrity Threats To Organizations
Introduction
Data integrity is defined as the accuracy and consistency of data throughout its lifecycle. Data integrity is the core aspect of cyber security. It is important in the design, implementation and utilization of systems that process, store and retrieves data. There are many threats to data integrity and they include cyber-attacks, transfer errors, human error, compromised hardware and malware. Data integrity has a great impact to organizations in terms of its operations and decision making processes (Nedal & Sail, 2013). Data integrity is important to organizations in terms of productivity and operations since these activities rely on sound decision making processes made by the management based on real time data available to them. Inaccurate data based on data lacking data integrity has adverse effects on an organization progress since wrong organizational decisions would be made. It is therefore important for organizations to make data security a priority in their information systems. Organizations can prioritize data security by establishing cyber security teams or outsourcing the services to a third party who would protect and mitigate the threats associated to cyber security.
Thesis
Data integrity refers to the accuracy and consistency of data throughout its lifecycle and it can be compromised by threats such as human error, cyber-attacks, compromised hardware and malware.
Importance of Data Integrity
Data integrity is considered to be both a process and a state. As a state, data integrity can be both accurate and valid whereas as a process, data integrity is described as the measures taken to ensure that a data set or all the data in a database or construct is valid and accurate. It is important for organizations and enterprises to consider data integrity whether as a state or as a process because it ensures the traceability recoverability and searchability of data (Kavale, 2012). The validity and accuracy of data, which is essentia.
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
Running head DATA INTEGRITY THREATS TO ORGANIZATIONS1DATA INTE.docx
1. Running head: DATA INTEGRITY THREATS TO
ORGANIZATIONS1
DATA INTEGRITY THREATS TO ORGANIZATIONS10
Data Integrity Threats To Organizations
Student’s Name
Institutional Affiliation
Abstract
The purpose of this paper is to define data integrity and to
explain in detail its importance to any particular organization or
enterprise. This paper goes into detail and discusses the main
threats to data integrity which include cyber-attacks, transfer
errors, human error, compromised hardware and malware.
Solution
s to these threats are also highlighted and the possible
recommendations are given. The data collected for the purpose
of this research paper came from questionnaires and literature
2. reviews. The paper makes use of the qualitative research
methodology based on the data collected from the
questionnaires, literatures and interviews. Threats to data
integrity are seen to have adverse effects on the productivity
and profitability of many organizations.
Data Integrity Threats To Organizations
Introduction
Data integrity is defined as the accuracy and consistency of data
throughout its lifecycle. Data integrity is the core aspect of
cyber security. It is important in the design, implementation and
utilization of systems that process, store and retrieves data.
There are many threats to data integrity and they include cyber-
attacks, transfer errors, human error, compromised hardware
and malware. Data integrity has a great impact to organizations
in terms of its operations and decision making processes (Nedal
& Sail, 2013). Data integrity is important to organizations in
terms of productivity and operations since these activities rely
on sound decision making processes made by the management
based on real time data available to them. Inaccurate data based
on data lacking data integrity has adverse effects on an
organization progress since wrong organizational decisions
would be made. It is therefore important for organizations to
make data security a priority in their information systems.
Organizations can prioritize data security by establishing cyber
3. security teams or outsourcing the services to a third party who
would protect and mitigate the threats associated to cyber
security.
Thesis
Data integrity refers to the accuracy and consistency of data
throughout its lifecycle and it can be compromised by threats
such as human error, cyber-attacks, compromised hardware and
malware.
Importance of Data Integrity
Data integrity is considered to be both a process and a state. As
a state, data integrity can be both accurate and valid whereas as
a process, data integrity is described as the measures taken to
ensure that a data set or all the data in a database or construct is
valid and accurate. It is important for organizations and
enterprises to consider data integrity whether as a state or as a
process because it ensures the traceability recoverability and
searchability of data (Kavale, 2012). The validity and accuracy
of data, which is essentially data integrity increases the
performance and stability of an enterprise or organization while
at the same time improving on the maintainability and
reusability of data sets.
Data is at the core of enterprises and organizations decision
making processes and it goes through numerous processes and
changes from their raw state to meaningful formats that can be
used to identify relationships which can be used to facilitate
4. informed decisions. This usefulness of data makes data integrity
to be an important aspect of decision making processes and in
the identification and analysis of relationships between data.
Types of Data Integrity
Data integrity is mostly maintained using database management
systems and there are four types of data integrity. These are
entity integrity, referential integrity, user defined integrity and
domain integrity. Entity integrity is maintained by a primary
key. Primary key is used on numerous elements to ensure that
none of them is null. For instance, in an organizational
database, elements such as employee number, customer number
and order number are considered as primary keys to ensure none
of them are null or duplicated (Patel et al., 2015). Referential
integrity is maintained by foreign keys. A foreign key is a
second table that can refer to another table, a primary key table
in the same database. Foreign keys relay data that can be shared
or null. Domain integrity is used to govern the common methods
used to input and access data from a database. A good example
of domain integrity maintenance is when a monetary value is set
as currency as its datatype. This ensures that three decimal
places are not allowed. User defined integrity is used to govern
data that is defined by the user. User defined data are datasets
that are created by users and they are outside of referential,
entity and domain integrity.
Threats to Data Integrity
5. As mentioned above, there are various threats to data integrity.
These threats include human error, which may be intentional or
accidental, hardware malfunction, malware, cyber-attacks and
transfer errors.
· Human Error
Human error is the most common and biggest threat to data
integrity. Human error ranges from the simple process of
entering data into the system, copying organizational data to
personal removable storage devices, opening malicious emails
either knowingly or unknowingly, cracking other employees
passwords to improper disposal of data storage devices. Most
employees are unaware of the dangers that some of their actions
may have on the security of the organizational data as they
progress with their busy schedules. Most of the employees do
not think that it may be necessary to wipe storage devices clean
before disposing them off or shred papers ad a form of
disposing them off. Some of the employees leave printers
printing as they go grab a cup of coffee or visit the washrooms
oblivious of the fact that the data may fall into the wrong hands.
It is therefore advisable that organizations and enterprises
conduct periodic trainings on data security to educate their
employees on the secure methods of handling data and sensitive
organizational information.
Human error can also be reduced by enterprises by establishing
strict rules that would keep track of portable storage devices.
6. Mobile devices are essential devices for our daily operations
and they also act as secondary storage devices. Mobile phones
are not the only portable storage devices as USBs, hard drives,
flash disks and compact disks also fall in the same category.
Encryption is the safest way of mitigating the risks associated
with the use of portable storage devices. The principle of least
privilege can also be used to mitigate human error as a threat to
data integrity. The principle of least privilege uses the idea that
access to databases and information either logically or
physically is only granted to employees who want access to
information that is necessary for their job operation. The
principle of least privilege basically restricts access to sensitive
information unless it is absolutely needed to effectively
complete a task.
Simulating phishing attacks also serves to prepare employees
for phishing threats the simulations serve to train the employees
on how phishing messages look like and how to avoid them.
These activities should be conducted periodically to refresh the
employees’ memories and to strengthen their response to such
events. Employees also need to be taught the importance of
having secure passwords and by secure passwords, it means that
passwords that do not contain personal information, that is,
password that is hard to crack. This entails having unique
passwords and constantly changing them. Password etiquette
should therefore be constantly emphasized to the employees.
7. · Transfer Errors
Transfer errors are the errors that are encountered when data is
on transit, that is, when data is moved from one location to
another. Transfer errors can either be logical, that is, when data
is transferred though the internet or a secured network of
physical, that is, when it is transferef from one physical
location to another. Transfer errors occur when data is not
transferred successfully. The adoption of appropriate security
measures is important towards ensuring and guaranteeing a
successful and complete transfer of data. Hash values can be
generated and embedded onto data that is to be transmitted. The
hash value allows the recipient of the data to check whether the
data s complete. However, the hash value can be manipulated by
eavesdroppers and this calls for Message Authentication Code
method as the most secured way of protecting data against
transfer errors. The Message Authentication Code recognizes
any unauthorized changes made to data in transit and notifies
both the sender and the receiver. Transferring data redundantly
is also anoter method of protecting data in transit against
transfer errors. In redundant data transfer, when one connection
fails or gets intercepted by unauthorized parties with malicious
intent, other connections can send the data safely to its intended
destinations.
· Cyber Attacks
Cyber-attacks has been one of the most challenging threats to
8. data integrity and data security in general. The Director of
National Intelligence of the United States stated that while most
discussions revolve around cyber-attacks being a threat to the
availability and confidentiality of data, most cyber operations
are seen to manipulate and change electronic data to
compromise its integrity instead of making it unavailable
through deletion or restricting its access. In a study conducted
by TrendMicro in the United States indicated that over 43% of
enterprises and organizations with critical infrastructures had
experienced a cyber-attack that may or may have not
compromised their data integrity. Another study conducted in
2016 by Clowdstrike indicated that the companies in the energy
and telecommunications sectors were the most hit and targeted
by cyber attackers.
Over 80,000 residents of the western part of Ukraine lost power
for approximately six hours during a Russian cyber-attack. The
attack was launched using a malware planted in
Prikarpattiaoblenergo, which is a Ukrainian electric company.
The malware shut down the company’s computer system which
consequently shut down the local electrical grid. Furthermore,
the attackers blocked the company’s phone system making it
impossible for the customers to report electrical problems
(Morovat, 2015). In the first quarter of the year 2016, Israel’s
electricity authority was under attack after it was hit by a
ransomware which took the affected macjines offline for almost
9. two days. However, the ransomware did not cut the electricity
supply to Israel’s cities although the attack was conducted
during winter when the power consumption rates were high.
These are just examples of large companies that were hit by
cyber attackers who left a trail of disaster and who may or may
have not led to data integrity breaches.
It has been proven that most of the cyber-attacks are as a result
of lack of established analytical security systems. The
traditional signature based security solutions cannot prevent
cyber-attacks. Most of the business operations and applications
are being moved to the cloud and this increases the chances of
cyber-attacks (Patel et al., 2015). Analytical systems correlate
user access, privileges, information sensitivity and policies
along with traditional systems. This provides the best solutions
against targeted cyber-attacks. Analytical systems find evidence
of information systems’ security breached. The information
gathered is then analyzed to bring more awareness to events that
pose a great threat to an organization which are then grouped
according to priority. Analytical systems have the ability of
detecting and making distinctions between normal users,
compromised users and malicious users of the system and then
alerts the parties concerns who then launch investigations on
suspected malicious activities.
· Compromised Hardware
The physical security of an organizational or an enterprise’s
10. hardware is very important. Big tech companies like Google
invest so much on their hardware resources and physical
security and this shows how hardware security is paramount. It
is difficult to detect and remediate a server in case of a malware
embedded in the hardware, that is, in the hardware’s firmware.
Although big corporations have the resources to deal with
compromised hardware, most companies still deal with the
threat (Belkacem & Bouhamdi, 2018). The issue of
compromised hardware run deep and it is a complex
phenomenon. Most enterprises opt to buy their hardware like
servers from vendors who are established. Vendors design and
assemble the entire hardware system and they always include
information about the software and the chips that constitute the
hardware. Cases have been reported of individuals who insert
malicious designs to the chips or hardware circuitry to
compromise an enterprise’s hardware which consequently
compromises the hardware security.
Compromised hardware also constitute hardware failures such
as hard disk crushes. Hard disk crushes lead to data loss which
may be partial or complete. Data loss leads to data
inconsistencies which means that data integrity has been
compromised. Backups, is the best solution to compromised
hardware. This is because an enterprise can still have accurate
and consistent data in the event that their hardware, servers and
hard disks are compromised. Comparing manufactured silicon
11. with the original design is also another method used to identify
alterations in silicon chips and hardware circuitries. Monitoring
servers for traffic that cannot be explained is the best method of
detecting compromised hardware. All types of network
connections like management systems, backups, and internal
connections must be monitored to analyze data flow that can
detect unexplainable traffic and network connections.
· Malware
Malware is mostly used by cyber attackers to gain administrator
level access to a computer or computer network. Malware
infections happen when computer users perform actions that
lead to the download of the malware itself. Malware infections
can happen through clicking of email links or visiting malicious
websites. Most malware infections however happen through
clicking of free movie, bundles or songs downloads. Malware
can also be injected to a computer system through USBs and
flash disks. Malware are designed for various purposes. There
are those that spy targeted users using their key strokes, while
there are those that attack a computer system and erase data
compromising data integrity in the process.
Detecting possible malware infection is the first step towards
erasing them and eliminating the risks they bring along with
them. Malware detections are easy since there is no expertise
needed and computer systems users can easily tell when they are
infected. The first sign is having devices slowing down.
12. Infected devices slow down because the malware takes over the
processing resources such that there remains small processing
power for normal tasks. Shortage of storage space is another
symptom of malware infection since it downloads and installs
additions files. Unwanted popups and programs constantly
flashing the device’s screen is the main sign of malware
infection. The only way of dealing with malware is installing
antiviruses and constantly updating them since attackers always
find ways of getting past newly released antiviruses.
Recommendations
Data integrity is an important state and process to any particular
organization. Most organizations are currently reluctant on
using their own information in making sound and informed
decisions concerning the company’s future due to the threats to
data integrity. It is therefore important for any particular
organization or enterprise to prioritize on data security
measures to protect the integrity of their data (Patel et al.,
2015). Organizations can chose to protect their data integrity by
doing it in-house or outsourcing the services depending on their
needs. Most organizations which are non IT are however
encouraged to outsource data security services so that they can
be able to concentrate on their core activities.
Regardless of the options that organizations may decide on to
protect the integrity of their data, measures including
implementation of analytical systems, backup, encryption,
13. employee training, use of antiviruses and constantly updating
them, and verification of hardware components among others
are vital to achieving data integrity. Organizations need not to
be afraid of the costs incurred in achieving data integrity but
they should rather focus on the benefits that come with them.
Conclusion
Data integrity denotes to the accuracy and consistency of data
during its processing, storage and in transit and it can be
compromised by threats such as human error, cyber-attacks,
compromised hardware and malware. Lack of data integrity has
made it impossible for organizations to trust their own data in
making informed and sound decisions. Organizations that made
decisions using data that lacked data integrity faced the risks of
losing customers and their competitive advantage. Most
organizations and enterprises are now focused on having
accurate and consistent data since we live in an information age
where information is considered to be the new currency.
Organizations are tackling their data security issues either in-
house or outsourced. Measures such as backup, encryption,
installation of analytical systems, use of antiviruses and
training of employees on the importance of maintain data
integrity are being taken to ensure that organizational data
remains consistent and accurate. Enterprises, companies,
institutions, businesses and organizations are therefore advised
to invest in data security if they need accurate and consistent
14. data to fuel their decision making processes.
Reference
Belkacem, A., & .Bouhamdi, A. (2018). “Model for decision-
making process with big data,” Journal of Theoretical and
Applied Information Technology, vol. 96, p. 5951 – 596.
Nedal, A., & Sail, A., (2013). “Data integrity in cloud
computing security,” Journal of Theoretical and Applied
Information Technology, Vol. 58, no. 3, p. 570.
Morovat, K. (2015). Data Integrity Verification in Cloud
Computing.
Patel, N., Shah, P., & Prajapati, P. (2015). Efficient Data
Recovery with Data Integrity Proetection. Saarbrucken: LAP
LAMBERT Academic Publishing.
Kavale, S. (2012). “The role of data in strategic decision
making process,” International journal of current research, vol.
4, no. 4, p. 01-07.
.
15. Prepare concept matrix on the given topic related to advance
research
Topic:
Cyber security : data integrity threats to organizations