Procedures and system configurations must be established in an effort to minimize the major threats to data integrity: hardware failures, human errors, software malfunctions, computer viruses, natural disasters, and computer crimes.
Risks to data integrity must be quickly and accurately detected before they adversely affect business.
The precursors to data loss must be corrected before a data loss situation materializes. If a data loss does occur, business downtime must be mini-mized, crucial data must be recovered, and appropriate business continuity plans must be implemented.
There are twelve primary ways to fully realize the data integrity and information security principles called for by the protection, detection, and correction model. Each of these methods is applicable to specific data protection needs and situations.
1. Redundancy: RAID (Redundant Array of Inexpensive Disks) systems—Two or more drives working together that provide increased performance and various levels of error recovery and fault tolerance. Disk or system mirroring—Recording redundant data for fault-tolerant opera-tion. During disk mirroring, data is written on two partitions of the same disk or two separate disks within the same system. During system mirroring, data is written to two separate computer systems.
2. Backup and restoration
3. Data re-entry
4. Off-site storage
5. Electronic vaulting—Automatic, remote copying and storing of critical com-puter data over high-speed communication lines.
6. Commercial software (anti-virus, data restoration)
7. Data protection consulting/site audits
8. Disaster recovery plans
9. Firewalls—A network node set up as a boundary to prevent unauthorized traffic from entering into a specific segment of the network.
10. Authentication software—Verifies a user is the person he or she claims to be.
11. Uninterrupted power supply (UPS)
12. Data recovery services–Restoring physically damaged or corrupted data from storage media. During data recovery, the data is recovered directly from the damaged media source itself.
Each of these options has its strengths and weaknesses, depending on the environment you are addressing, and the level of protection you desire. Therefore, for the most effective implementation of the protection, detec-tion, and correction model, you must carefully consider which information security and data integrity options best suit your needs.