Protecting Data from Theft

00:00

welcome back to intermediate endpoint Security Course.

00:03

In this lesson, I will be talking about protecting data that is on the end point. So I'm not going to talk about protecting day town, a corporate server or go on corporate storage or on the cloud. I'm just going to talk about data that is actually on the PC on the end point

00:22

and also in the printing devices.

00:24

A short part of it will cover the printing devices. So, um, details of this lesson Are that what I will talk about? What type of data you have the in your company,

00:38

What types of data need protection and what types of data need them, something that could be additional protection.

00:46

And at the end, I will be talking about how to protect these data from test.

00:51

So let's first talk about classifications data. We can classify data based on two criteria. One is importance

00:58

and the other is a state. So when it could talk about importance, we talk about,

01:06

um,

01:07

four types of data. We have sensitive data. So this is something like, for example, electronic health records or if your bank people's credit card numbers anything that if disclosed. If it leaks out, can generate

01:26

legal or financial loss ramifications for a company. So if your healthcare organization and you leak the data out,

01:37

Um, even if it wasn't your fault, you might be legally held accountable, depending on the local legislature.

01:44

But if you leak, for example, credit card numbers than people can. So you if somebody steals the money from their accounts, so there two things. But they're there to possible issues that you have with linkage of sensitive data. But in both cases, the

02:04

this is something that will come from the outside to haunt you.

02:08

Then you have crucial data, so crucial data might not be sensitive at all. It might be the, for example, if your retail company maybe just your database with the products,

02:23

Why is it crucial? Because if if the database go down and you have online sales, you cannot sell.

02:30

So because users cannot see the if something is available, the customers can see if something is available. How many items is there in stock? What is the price? Because all these things when you go to retail website

02:44

they are all pulled from a database. So if databases down. You don't do business, and you then you lose money. So the damage from having issue with crucial data can be mainly financial.

03:00

Then you have what is called a regular data

03:05

and regular data is basically a daily data being generated before they are stored in some form that is standardized. It can be that somebody's analyzing something in excel and just keeping it on its hard drive so it can be.

03:22

It is regular because it's nothing special about it. The only thing you lose if you lose that data

03:28

is you have to recreate it again

03:32

and if that person is available. So, for example, somebody is crazy enough to former the hard drive. They lose all the data there so everything they have been working there or just hard drive dies. They lose this kind of regular data, and then you have redundant data. So this is data that is being replicated

03:53

to,

03:53

um,

03:54

some kind off backup or clout so you have it on PC, but you also have it somewhere else. So if you lose it on PC and it's not sensitive or crucial data, even if it's crucial, they thought it's no big deal. You can just restore it from somewhere else.

04:13

When we talk about the state of data and we talk about data on PC, we can have the older data which is essentially stored summer on the PC. But it doesn't matter because

04:24

it just has just the historical well, you. It doesn't affect the daily business, and you have data currently being worked on. So you have those two things that you have on a PC

04:34

There is. There is also dating communication network thesis, 1/3 type of data, but not going to talk about the 3rd 1 just the 1st 2 because this is what you're protecting. When you're protecting endpoint,

04:50

they think communication and on the network essentially falls on the responsibility whoever is responsible

04:58

for network security.

05:00

So let's talk about two data theft, which is a thing that we're talking about in this lesson.

05:06

You can have a physical theft and you have have a cyber theft. Physical theft is been if somebody steals your notebook or PC and then then they have daytime in on their source on the harder Onda. Cyber theft is essentially when some of the breaks into your PC and steals data. So

05:25

of those two, things are essentially different in

05:29

terms off protecting them.

05:30

So when we talk about protecting data from theft, we talk about two things We had talked about physical security, and we talk about encryption. And, of course, we protect the access to the device.

05:45

So when we talk about physical security,

05:48

the way to protect yourself from data Taft is toe have ah control over access rights and encryption. Because if you have encrypted drive and it's not easy to log into your PC,

06:02

then if somebody physically steals your PC, they haven't been. They might have stolen the data, but they haven't.

06:10

They cannot do anything with them. They cannot access it so they can have a PC. They can reform a drive and sell it to somebody else

06:17

when they cannot access data.

06:20

So when you talk about encryption is a method of protecting from that. It is again there not only to protect from a physical tough but also from cyber theft,

06:32

because encrypted drives sometimes cannot be accessed unless the person is long it onto your PC with your user name and password,

06:43

and when you talk about the access protection, and this is usually the thing that we do when we're not in the office. So we're somewhere outside the company network than encryption of the communication is a way to protect access. So, for example, if you have day town, your,

07:00

um,

07:01

cloud, which is company cloud but you can access is from home. If there is encryption, then if somebody is eavesdropping on your connection Internet connection,

07:15

they will receive just nothing, just something creepy data.

07:19

So this is about

07:21

protecting data on a PC from being stolen. There are other methods to protect your PC from when it's stolen. For example, of mental processes with the pro capability

07:35

can be traced wherever they are in the world on the network. So if somebody steals your PC and connects to the Internet,

07:43

they don't even have to boot the operating system. They just have to turn the PC on and have the Internet connection there. If it's wired, you can trace the PC and find it where this

07:55

so this helps retreating back the property, the physical

08:01

hardware. But if the data is not encrypted there, they can access it before.

08:07

I mean, if you have hard drive is not a particularly can be taken from one PC. Put the secondary driving another PC and that's it.

08:16

So, lizard, a short learning check on this model.

08:20

And, uh,

08:22

the question is, what kind of data is not to the part off endpoint Security is a data incorporate. Storage is dating one drive folder

08:31

or is it dating Program Data folder on Drive C?

08:39

And the correct answer is that in corporate storage, this has nothing to do with the endpoint security.

08:46

So in this lesson, I have been talking about basic self how to protect data from being stolen. Of course, all of these things are again very complex. Include very competent methods. Software is technology is to achieve a very high level of protection.

09:03

But again, these things are subject to