Maintaining integrity of your database is vital

February 2005 Cyber Security

The rapid growth of the Internet and associated e-business opportunities, has spurred an urgent need for trusted e-security.

With the advent of the Electronic Communication and Transactions Act (ECT Act), an organisation now not only has to safeguard its own sensitive information and details of customers, but it also has to be able to provide evidence that it has satisfied regulatory requirements. This legal evidence could come into play should a dispute regarding the electronic transaction ever arise.

When it comes to the confidential database of an organisation, three considerations are of significance:

* Integrity of the database.

* The legal implications should the database be tampered with.

* Evidence - of who tampered with the database and the security measures in place to prevent such a threat.

There are many areas of vulnerabilities that pertain to a database, says Christi Peens, executive at NamITrust, NamITech.

Christi Peens, executive at NamITrust/NamITech
Christi Peens, executive at NamITrust/NamITech

"These vulnerabilities range from simple human error such as entering mistakes, through to malicious damage. It is possible to manage such problems using regular back-ups to permanent read-only media, general network security and controlled access. However, in order to address the second two considerations, that is the legal implications and evidence, organisations should be looking towards PKI using digital signatures."

Digital signatures are persistent evidence of who has committed a transaction. The associated encryption technology ensures that only an authorised individual can access the database and effect changes.

"It is this undisputable audit trail that will allow a company to prove, in court, the integrity of its database and thereby avoid the legal fallout of any alleged infraction," says Peens.

Following the repeal of the Computer Evidence Act and the passing of the ECT Act, electronic evidence may now be used in court to settle a dispute. But to ensure the validity of this electronic evidence, an organisation may be called upon to prove the integrity of its database. "Should an organisation be found lacking in its security measures around its confidential database, it may be held liable for the breach. It is for this reason that companies need to be able to provide forensic proof of the integrity of the database. Digital signatures have a vital role to play here as they are the only forensic component in the security of a database that legitimately proves integrity of data," concludes Peens.

For more information contact Christi Peens, NamITrust, 011 458 0000, christi.peens@namitech.com

About PKI

PKI uses digital certificates to protect valuable information using the following mechanisms:

* Authentication - validates the identity of machines and users.

* Encryption - encodes the data to ensure that information cannot be viewed by unauthorised users or machines.

* Digital signing - provides the electronic equivalent of a hand-written signature. It verifies the integrity of the data and determines whether it has been tampered with while in transit.

* Access control - determines which information a user or application can access and which operations it can perform once it gains access to another application.

* Non-repudiation - ensures that the communications, data exchanges and transactions are legally valid and irrevocable.





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Exploiting the global pandemic
Issue 7 2020 , Cyber Security
Cyber criminals targeting remote work to gain access to enterprise networks and critical data reports FortiGuard Labs.

Read more...
Integrated security is key to Huawei Mobile Services
Issue 7 2020 , Cyber Security
To ensure sufficient mobile device security, the technology giant incorporates security into its chip, device and cloud capabilities.

Read more...
Cybersecurity becomes key enabler of sustainable business growth
Issue 7 2020 , Cyber Security
The adoption of rushed digital transformation strategies has left many facing unintended complexities and challenges.

Read more...
Challenges healthcare is facing
Issue 6 2020 , Cyber Security
The healthcare industry has been forever changed by digital transformation, but cybercriminals are targeting the healthcare sector now more than ever.

Read more...
Secure IoT devices and networks
Issue 6 2020, Technews Publishing , Cyber Security
Check Point Software’s IoT Protect solution secures IoT devices and networks against the most advanced cyber-attacks.

Read more...
SentinelOne Protects the AA
Issue 6 2020 , Cyber Security
National provider of 24-hour motorist assistance stays on the road thanks to accelerated, AI-powered threat prevention, detection and response.

Read more...
Protecting database information
Issue 6 2020 , Cyber Security
SearchInform has officially released Database Monitor, a solution for the protection of information stored in databases.

Read more...
Work from home securely
Issue 5 2020 , Cyber Security
First Consulting provides enterprise-level IT security to working-from-home employees at more than 40 South African organisations.

Read more...
Agility, meticulous alignment and testing
Issue 5 2020 , Cyber Security
Data loss can put the nails in the coffin for unprepared businesses. Investing in cyber resilience is key to succeed in the age of digital transformation.

Read more...
Cybersecurity comment: A holistic approach to threat vulnerability
Issue 5 2020 , Cyber Security
Any organisation, whether large or small, public or private, should follow an established framework in order to protect itself against cyber threats.

Read more...