A Data Integrity Issue

Internet is backbone for data storage, access and transfer. According to some reports and IBM confirmed that information transfer and data generation has increased, in 2018 alone 2.5 quintillion bytes of data is being generated daily across multiple devices all connected through internet (Marr, 2018).

So, considering this huge data accessed across multiple devices, data being the valuable resource for government and other organization to perform, which add more vulnerable access points. Data integrity means making sure the validity, accuracy and trustworthiness of the information is maintained throughout the data lifecycle. Protecting data against the breaches and attacks is the utmost importance, to maintain and ensure customer trust in the business. Improperly maintaining and handling huge data is also considered risk when exposed to several factors including software bugs, human error, virus, provisioned access to the database. Data manipulation is one of the major risks involved during data breaches. Incorrect data reduces the efficiency and also decreases the confidence on that organization.

The ultimate goal for a data breach can be data manipulation, to compromise the accuracy of the data rendering it useless and introducing fabricated events doubting very existence of reality. The industries which are badly traumatized with these breaches belong to all domains -- communication or social media, healthcare financial institutions, military, utilities, technology, transportation, etc,.

Though data breaches are inevitable and often happen, but it matters how much information is compromised during the attack. Just consolidating, data breached in 2015, shows that more than 100 million patient records are compromised in the data breach. Healthcare is highly susceptible for the data breaches because the nature of data sensitivity. Accuracy in patients record is highly required, Think of a situation where patients medical events have been partially or fully modified. So a patient record with a chronic illness has been modified to a common flu and is treated accordingly or it can be vice versa. That could lead to serious issues w.r.t patients health stats and could lead to disastrous event. Major responsible lies with the healthcare/hospitals to deploy strong defense systems against these kinds of attacks.

According to the reports, yahoo was one of the biggest and topmost data breaches occurred in the 21 century which accounts to more than 3 billion user accounts being stolen. The hackers obtained information about emails, passwordencrypted or unencrypted, security questions. Imagine the hacker had the information and could use that to change linked accounts for example, bank accounts notification to the email, utility bills, credit cards, etc,. Though the company had little to disclose about the data integrity during the breach, it was hit with class action lawsuit which costed company millions to pay for and also offered its customer with free monitoring services. [2]

Not only the above mentioned communication and health care, all part of the industries are exposed to some or other kinds of attacks including defence, utilities, transportation, technology and education. Defense is critical part of maintaining secure environment of a country. Based on a news article posted on December, 2017, states that US DoD (Department of defense) critical intelligence data has been compromised due to data breach. Information leak corresponds to intelligence data gathered on US military and political leaders [4]. Consider, If any of those secret records or data is manipulated which are used for strategic decision making, how efficient would that be considered, when data accuracy is unknown because of the system breach and that couldnt be verified due to the fact that its highly sensitive and confidential in nature. This could lead to serious escalation in the global community or state wide chaos. Even the companies which provide security services against threats for web based application did fall for data breach, VeriSign never disclosed the attack but based on the some reports that company did had a data breach in 2010 and its still unclear how much hackers gained access to privileged systems and information[2]. The risk factor in any domain is much larger when it carries more sensitive data.

Data attacks tend to increase in recent years showing a trend that most of these data attacks are sort out based on the calculated monetary value of the data, multiplication factor between sensitivity, demand and risk factor. Hackers demand ransom through crypto currency (bitcoin) to decrypt the data but its always uncertain how much data is accurate. These attacks cannot be totally avoided but cybersecurity agencies are making efforts to secure data to make sure the data integrity is not lost in those attacks.

Few ways to reduce the risk of data integrity would be:

• Reduce human errors during registering data.
• Audits regular audit to verify and ensure security systems are in complaint with the industry standards. Electronic data audit with time stamp as a digital signature would be a flag to ensure when the data was modified.
• Encryption Though encryption is not an efficient concept when comes to the data integrity. The encrypted data can be decrypted modified and encrypted. Which does prove a valid method? But, moderate level of security is never unnecessary.
• Limited access - enforcing limited access to the data.
• Monitoring services these application doesnt prevent but at least monitor the records for any changes and notifies the consumer.
• Update and patching regular update and patching will ensure better protection from recent or known security threats.
• Backup All IT companies opt for data backup. Which will ensure better assessment of the data integrity loss before & after the cyber-attacks? Though these are always hosted in a remote location for better management of resources.

Governments and organizations are combining efforts (monetarily, technical manpower, etc.,) to provide secure data environment, but its very unclear how many years would that take for implementation based on the rapidly changing technological developments.

Cite this page