Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Maintaining integrity of your database is vital

February 2005 Information Security

The rapid growth of the Internet and associated e-business opportunities, has spurred an urgent need for trusted e-security.

With the advent of the Electronic Communication and Transactions Act (ECT Act), an organisation now not only has to safeguard its own sensitive information and details of customers, but it also has to be able to provide evidence that it has satisfied regulatory requirements. This legal evidence could come into play should a dispute regarding the electronic transaction ever arise.

When it comes to the confidential database of an organisation, three considerations are of significance:

* Integrity of the database.

* The legal implications should the database be tampered with.

* Evidence - of who tampered with the database and the security measures in place to prevent such a threat.

There are many areas of vulnerabilities that pertain to a database, says Christi Peens, executive at NamITrust, NamITech.

Christi Peens, executive at NamITrust/NamITech
Christi Peens, executive at NamITrust/NamITech

"These vulnerabilities range from simple human error such as entering mistakes, through to malicious damage. It is possible to manage such problems using regular back-ups to permanent read-only media, general network security and controlled access. However, in order to address the second two considerations, that is the legal implications and evidence, organisations should be looking towards PKI using digital signatures."

Digital signatures are persistent evidence of who has committed a transaction. The associated encryption technology ensures that only an authorised individual can access the database and effect changes.

"It is this undisputable audit trail that will allow a company to prove, in court, the integrity of its database and thereby avoid the legal fallout of any alleged infraction," says Peens.

Following the repeal of the Computer Evidence Act and the passing of the ECT Act, electronic evidence may now be used in court to settle a dispute. But to ensure the validity of this electronic evidence, an organisation may be called upon to prove the integrity of its database. "Should an organisation be found lacking in its security measures around its confidential database, it may be held liable for the breach. It is for this reason that companies need to be able to provide forensic proof of the integrity of the database. Digital signatures have a vital role to play here as they are the only forensic component in the security of a database that legitimately proves integrity of data," concludes Peens.

For more information contact Christi Peens, NamITrust, 011 458 0000, [email protected]

About PKI

PKI uses digital certificates to protect valuable information using the following mechanisms:

* Authentication - validates the identity of machines and users.

* Encryption - encodes the data to ensure that information cannot be viewed by unauthorised users or machines.

* Digital signing - provides the electronic equivalent of a hand-written signature. It verifies the integrity of the data and determines whether it has been tampered with while in transit.

* Access control - determines which information a user or application can access and which operations it can perform once it gains access to another application.

* Non-repudiation - ensures that the communications, data exchanges and transactions are legally valid and irrevocable.





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
There is a SaaS for everything, but at what cost, especially to SMEs?
Editor's Choice Information Security Security Services & Risk Management
Relying on SaaS platforms presents significant cybersecurity risks as the number of providers in your landscape increases, expanding your attack surface. It is important to assess the strength of the SaaS providers in your chain.

Read more...
Addressing today’s mining challenges: cyber risks beyond IT
Editor's Choice Information Security Mining (Industry)
Despite the mining industry’s operational technology systems being vulnerable to cyberattacks, many decision-makers still see these threats as purely an IT issue, even though a breach could potentially disrupt mining operations.

Read more...
Get proactive with cybersecurity
Information Security
The ability to respond effectively to a cybersecurity breach is critical, but the missing piece of the puzzle is a thorough, proactive evaluation to ascertain weaknesses and identify any hidden threats.

Read more...
How to effectively share household devices
Smart Home Automation Information Security
Sharing electronic devices within a household is unavoidable. South African teens spend over eight hours per day online, making device sharing among family members commonplace. Fortunately, there are methods to guarantee safe usage for everyone.

Read more...
How to securely manage your digital footprint
Information Security Training & Education
Managing your online presence is critical to safeguarding your privacy and security. It is imperative to take a proactive approach, including using robust cybersecurity best practices.

Read more...
The state of code security in 2024
Information Security
The 2024 State of Code Security survey reveals that organisations have continued to shore up application security defences over the last year, according to OpenText Premier Partner iOCO Application Management.

Read more...
What is the level of safety and integrity of the software supply chain?
Information Security IoT & Automation
Organisations are embracing AppSec practices and focusing on their software security posture. However, they highlight that insufficient funding and security resources, plus a disconnect between developers and security teams, remain major roadblocks.

Read more...
Cybercriminals target financial service providers to get at sensitive client data
Information Security
According to Ryan van de Coolwijk, Product Head for cyber at iTOO Special Risks, hackers target financial service providers because they hold sensitive client information that unauthorised individuals could use for fraudulent activities.

Read more...
Fortinet establishes new point-of-presence in South Africa
News & Events Information Security
Fortinet has announced the launch of a new dedicated point-of-presence (POP) in Isando, Johannesburg, to expand the reach and availability of Fortinet Unified SASE for customers across South Africa and southern African countries.

Read more...











SMART Security Business Directory



Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.