[BreachExchange] Common Sense Ways Of Handling Data, Digital Or Not

Destry Winant destry at riskbasedsecurity.com
Thu Aug 1 10:17:29 EDT 2019


The value and importance of information change depending on how much
information there is and the actual “perceived value” that the
observer sees when they get a hold of the information. Content
creators of generations ahead of us generated new knowledge, discuss
concepts and explains their point of view without advance knowledge on
how we, their successors will treat their work. Writers are not
separated from the general population, and all of us are in treating
what we perceive as text, images and motion video on the screen or on
paper in a certain context. The dynamic relationship between content
creators who impart knowledge and the level of acceptance from the
receivers of the information is highly dependent on our own bias.

Nevertheless, the information should be preserved with a high level of
importance, no different from how civilization built museums and other
archival locations to preserve the past. With our very advanced
high-tech, gadget-driven everyday life, we become unofficial guardians
of information. We are no different from a full-time librarian of
physical books from the past and present. We provide these services to
individuals and groups. However, there is a question whether the
information source should be treated as having a private and
commercial purpose, or should it be open to the public. We have seen
many counterarguments and exchange of opinion, is information a public
utility like water and electricity, or information may be treated like
a state-secret or a corporate patent that should remain closed to the
chest of its creators.

So basically speaking, we recommend the following actions to preserve data:

1. Digital information file should be stored in such a way that it can
not be changed without approval. Preserving data is needed for
integrity purposes
2. It must be made available as it is, that means unauthorized copying
should be prevented.
3. If there is a need to distribute many copies of the information,
always assume that there is a copy of it left somewhere in the world.
Any information already released publicly cannot be stored in secrecy

In addition, it is important to save top-secret files so that they can
not be used unless truly necessary, this is something all government
is doing at the turn of the computer age. The problem is that we have
to cope with the transition of authority in our civilization. Those
baby boomers who worked in preserving and security-critical data are
now in the age of retirement. Changing IT personnel regularly is a new
normal, this may eventually lead to data loss if no strict data
securityprotocols are in place.

In addition, as the technology improves, the relevance of certain
storage technology becomes outdated. We are in an era of slowly
decommissioning optical storage for example.

To make it available means to save it in a storage technology that can
easily be migrated to a newer storage medium. Whether it is a digital
or paper book, the viability of the information it contains becomes a
debatable concept. Are we continuing to publish books on paper, on a
digitally readable format or on an audio form? Also, although writing
is only once, it can be read many times, and it does not hurt to still
publish a physically readable material, as it requires no electricity
to maintain its readability compared to a digital electronic format.
Basically, there is no need for an external device to read a book. You
do not need a screen to read a book. You can take it out and read it
with your eyes without tools.

Threats to the system include media failure, paper wear, hardware
failure, lack of space in the bookcase, software failure, and wear on
your own eyes. However, digital information is not affected by age,
but natural disasters such as floods and fires are very serious
obstacles for preservation. With all the inherent limitations of
paper, we at hackercombat.com discourage you from digitizing all your
data. The problem is that once information is digitalized, reproducing
multiple copies of it are very easy. Don’t become the next guy who
took pictures of his credit/debit card and posted it on social media.
Have a sense of awareness that not all data about you needs to be
public. Physical restrictions on accessing data are still the best
type of security, far outweighs encryption and other ways to preserve
digital privacy today.

More information about the BreachExchange mailing list