## Data Privacy & Security
### Learning Objectives
- Describe the different methods, their features, and benefits of implementing structured data access control
- Describe data encryption and its key concepts
- Describe the different data security measures and how they work
- Develop incident response plans
- Explain advanced data security techniques and relevant regulations
- Apply access controls and authentication processes effectively
- Implement robust encryption and cryptographic methods
- Identify and mitigate various cyberthreats and vulnerabilities
- Discuss the fundamental principles of data security

### Data Privacy
1. Define personally identifiable information, PII. 
    - Any data that can be used to identify a specific individual. This information can range from direct identifiers such as names, Social Security numbers, and email addresses to indirect identifiers like IP addresses, device IDs,and location data.
    - Examples of PII include: full name, home address, email address, passport number, Social Security number, credit card information, and phone numbers.
1. Define the CIA triad, confidentiality, integrity, and availability. 
    - Is a fundamental model used to guide information security practices, and it applies directly to data privacy. This model consists of three key principles, confidentiality, integrity, and availability, which together ensure that data is protected, reliable, and accessible to authorized users.
    - `Confidentiality` refers to the protection of sensitive information from unauthorized access. Involves implementing measures like encryption, access controls, and data masking
    - `Data integrity` ensures that information remains accurate, consistent, and trustworthy over its lifecycle. maintained through measures such as checksums, hashing, and regular audits.
    - `Availability` ensures that data is accessible to authorized users when needed. Systems and infrastructure supporting data storage and processing should be resilient and able to provide timely access to data. Measures such as redundancy, failover systems, and regular backups are essential.
1. Describe the need and strategies to implement data secrecy. 
    - closely related to confidentiality, but focuses more on preventing unauthorized parties from learning the content of sensitive data. Secrecy goes a step further by ensuring that data is completely hidden or disguised from unauthorized users. Techniques such as encryption and obfuscation ensure that even if data is intercepted or accessed, it cannot be understood or exploited. 
1. List the best practices to ensure data privacy.
    - Data Minimization - only collect and store data that is strictly necessary for a specific purpose. Minimizing the amount of data reduces the potential risk in the event of a breach.
    - Encryption and Anonymization - use encryption to protect data both at rest and in transit. Anonymization techniques can also be applied to sensitive information to ensure that even if it is accessed, it cannot be traced back to an individual.
    - Regular Audits and Monitoring - conduct regular security audits and monitor systems for any suspicious activity that could indicate a breach or attempted unauthorized access to data.
    - Employee Training - ensure that employees understand the importance of data privacy and are trained on how to handle personal data responsibly. Human error is a common cause of data breaches, and well informed employees can act as the first line of defense. 
    - Compliance with Regulations - Organizations must stay up to date with evolving privacy regulations, such as General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and Health Insurance Portability and Accountability Act (HIPAA). Compliance is essential not only for avoiding legal consequences, but also for building trust with customers.

### Data Security
1. Describe the importance and need for data security. 
    - Data security refers to the strategies that you use for protecting digital information in an organization from unauthorized access, theft, or damage.
    - Why data security is important: 
        - Protection from cyberattacks - hacking, ransomware, and phishing
        - Prevention of data breaches - leads to identity theft, financial fraud, and other forms of exploitation
        - Compliance with regulations - failure to adhere to regulations (GDPR, CCPA, HIPAA) can result in heavy fines and legal consequences
        - Preserving business reputation - sustaining customer loyalty and business continuity
        - Ensuring data integrity - information remains accurate, consistent, and unaltered by unauthorized entities 
1. Describe the different data security measures and how they work.
    - Physical data security - involves protecting the hardware and physical infrastructure that stores data
    - Surveillance and monitoring - monitor physical access to data storage locations
    - Secure disposal - wiping data or destroying storage media to prevent data recovery by unauthorized individuals
    - Network security - protects the data during transmission across internal and external networks from external intervention, unauthorized access, and tampering. Protect data in motion and prevent external cyberattacks.
    - Application security focuses on protecting software applications and services from security vulnerabilities that could expose sensitive data. Key application security practices include secure coding practices.
    - Regular updates and patches
    - Authentication and access control - implement reliable authentication mechanisms, such as multi-factor authentication
    - Data encryption - involves encoding data to make it unreadable to unauthorized users, applied to both data at rest and in transit
        - Two main types of encryptions:
            - Symmetric Encryption - the same key is used for both encryption and decryption. This method is fast and efficient, making it ideal for encrypting large amounts of data, such as backups
            - Asymmetric encryption - uses a pair of keys, one for encryption, public key, and one for decryption, private key. This method is commonly used for secure communication, such as email encryption and digital signatures
    - Access control - manages permissions to view, modify, or delete data. Methods include:
        - Role-Based Access Control (RBAC) - used to assign permissions to users based on their role and responsibilities within the organization
        - Least privileged principle - Users should have minimum level of access required to perform their responsibilities and duties
    - Backup and recovery - procedures are critical for safeguarding against data loss due to accidental deletion, hardware failure, or cyberattacks. Regular backups in multiple locations ensure recovery of critical information with minimum disruptions to business operations

### Data Exposure
1. Describe Data Exposure & its causes
    - Incidence of accidentally making sensitive data accessible to unauthorized parties
    - Due to human error, cybersecurity threats such as phishing, malware, insider threats, password attacks, and more
1. Describe the different types of cybersecurity threats & their mitigation strategies
    - Phishing - one of the most common methods, deceptive emails, fake websites
        - Mitigation - robust email filtering systems, educate users about tactice, and conduct regular cyber awareness training
    - Malware - many forms such as viruses, worms, or spyware, designed to infect systems & steal data
        - Mitigation - regularly update software, install strong antivirus programs, and educate users about the dangers of unverified downloads
    - Insider Threat - Employees, contractors, partners, or other stakeholders with access to sensitive data may unintentionally expose it through negligence or intentionally disclose it for personal gain or revenge
        - Mitigation - implement strict access controls, monitor employee activity, and enforce policies about data handling and security protocols
    - Password Attacks - used to gain unauthorized access to accounts or systems with brute force attacks, credential stuffing, or dictionary attacks
        - Mitigation - organizations & individuals must adopt strong password policies, encourage the use of multifactor authentication, & implement password managers to store complex passwords securely
    - Denial-of-Service (DoS) attack - aims to overwhelm a network, server, or website with traffic, causing it to crash or become unavailable. Distributed Denial-of-Service (DDoS) involve multiple compromised systems flooding the target
        - Mitigation - implement traffic monitoring, network segmentation, and cloud-based DoS-mitigation services
    - Man-in-the-Middle (MITM) attack - occurs when an attacker intercepts and alters communication between two parties undetectably, typically occur over unsecured networks, such as public Wi-Fi
        - Mitigation - Encrypting data, using secure VPNs, and avoiding untrusted networks
    - SQL Injection attacks - target websites and applications that use SQL databases
        - Mitigation - use parameterized queries, validate input data, and regularly test their applications for any flaws
    - Zero-Day attack - exploits target software vulnerabilities that are unknown to the software vendor
        - Mitigation - maintaining a proactive approach to cybersecurity, including constant system monitoring, rapid patch management, and the use of advanced threat detection systems

### Summary
Data privacy is a fundamental aspect of modern information security, essential for protecting individuals' personal information from misuse and ensuring compliance with legal standards. 

By adhering to the principles of confidentiality, integrity, availability, and secrecy, organizations can safeguard data and maintain the trust of their customers.

Data security involves strategies to protect digital information from unauthorized access, theft, or damage, making it essential for organizations.

In the digital age, sensitive data is increasingly at risk of exposure due to human error and various cybersecurity threats, including phishing, malware, insider threats, and password attacks.

Cybercriminals use deceptive emails and fake websites to trick individuals into revealing sensitive information like usernames and passwords, often impersonating trusted entities.

Malware, such as viruses and spyware, can be unintentionally downloaded by users, leading to unauthorized access to sensitive data, including financial information and personal identifiers.

Key data security practices include: 

- Encryption

- Access control

- Security audits

- Backup and recovery

- Patch management

- Employee training

- Compliance with regulations 

The CIA Triad—confidentiality, integrity, and availability—forms the foundation of a strong data security framework, ensuring that sensitive data is accessible, accurate, and available to authorized users.

By prioritizing data security and adopting best practices, organizations can mitigate risks, protect their valuable assets, and foster trust with their clients and stakeholders in an increasingly data-driven world.

Encryption involves converting data into an unreadable format, ensuring only authorized users with the correct decryption key can access it.

The key aspects of data encryption include encryption methods, algorithms, key management, public key infrastructure (PKI), hashing, and quantum-safe computing.

Data access management is essential for securing data and preventing unauthorized access by utilizing methods such as role-based access control (RBAC), group-based access control, and API access.

RBAC enhances security by assigning permissions to roles instead of individuals, ensuring users have the minimum necessary access to perform their job functions.

API security is crucial for protecting sensitive data, requiring robust authentication, authorization, and encryption measures to prevent breaches and unauthorized access.