1
00:00:02,900 --> 00:00:07,840
This far we've talked about data confidentiality.

2
00:00:07,900 --> 00:00:09,500
This is the most relevant aspect.

3
00:00:09,520 --> 00:00:15,470
And the first thing that springs to mind when data protection is concerned.

4
00:00:15,670 --> 00:00:17,960
But this doesn't always have to be the case.

5
00:00:20,510 --> 00:00:23,600
Sometimes the integrity of data is equally important.

6
00:00:27,080 --> 00:00:33,290
Data integrity refers to a situation when a given message has not been modified by an unauthorized person.

7
00:00:38,600 --> 00:00:46,290
Data integrity can be maintained by adding specific checksums to the data this method also helps protecting

8
00:00:46,290 --> 00:00:48,670
the integrity of operating system files.

9
00:00:51,180 --> 00:00:56,790
If a document you open has a different check sum than that of a document saved by a trusted user.

10
00:00:56,790 --> 00:01:01,730
This points to data integrity corruption.

11
00:01:01,890 --> 00:01:03,900
Why is integrity so important.

12
00:01:05,920 --> 00:01:08,250
Let's use online orders as an example.

13
00:01:09,680 --> 00:01:12,160
If someone has spired that we've ordered five books.

14
00:01:12,200 --> 00:01:20,290
This usually doesn't bother us but if that person modifies the order value from 5 to 500 books we would

15
00:01:20,290 --> 00:01:26,090
be less than happy integrity is a vital feature of information.

16
00:01:35,500 --> 00:01:38,920
Data authenticity is another key aspect to data security

17
00:01:41,630 --> 00:01:44,840
authenticity is a bit broader in scope than integrity.

18
00:01:48,690 --> 00:01:53,950
Authenticity is a feature of information that ensures that the sender of the data stream is legitimate.

19
00:01:55,190 --> 00:01:58,670
And that the data has not been modified after it was sent by a trusted sender

20
00:02:01,680 --> 00:02:08,750
This feature can be verified through the use of digital signatures will cover this incoming module's

21
00:02:11,390 --> 00:02:12,790
as we stressed before.

22
00:02:12,800 --> 00:02:15,180
You should not put too much faith in technology.

23
00:02:17,940 --> 00:02:21,330
You can see an example of why limited trust is the best option.

24
00:02:22,770 --> 00:02:31,300
It's a certificate for signing crucial information contained in system files or X Files.

25
00:02:31,440 --> 00:02:38,760
It was stolen and used to sign malicious software authenticity is verified through digital signatures

26
00:02:38,760 --> 00:02:41,460
on files that are usually generated from certificates

27
00:02:44,020 --> 00:02:46,270
certificate has an assigned level of trust.

28
00:02:46,290 --> 00:02:47,340
A user can give

29
00:02:53,280 --> 00:02:55,870
the less feature of information is its availability

30
00:03:00,250 --> 00:03:09,640
data availability is specified in an SLA service level agreement I.T. departments and business customers

31
00:03:09,640 --> 00:03:15,570
are bound with the terms and conditions of an SLA.

32
00:03:15,780 --> 00:03:21,780
The specifications of this contract define the maximum tolerable length of service unavailability and

33
00:03:21,780 --> 00:03:25,410
determine the amounts of information that can be lost after a disaster.

34
00:03:27,720 --> 00:03:30,780
You can find lots of information on soldiers on the Internet.

35
00:03:35,150 --> 00:03:43,770
The key elements of the agreement are recovery time objective or T-O which is the duration of time in

36
00:03:43,770 --> 00:03:45,720
which a service can be unavailable.

37
00:03:47,300 --> 00:03:52,540
Most often calculated in a percentage the closer to 100 percent.

38
00:03:52,660 --> 00:04:02,220
The longer the information needs to be available recovery point objective RPO which is the amount of

39
00:04:02,220 --> 00:04:04,700
data that can be lost in the event of a failure.

40
00:04:07,280 --> 00:04:13,510
The recovery time objective forms the foundation of all s.l AES.

41
00:04:13,740 --> 00:04:22,680
The measures the non-negotiable duration of time within which information or services can be unavailable.

42
00:04:22,700 --> 00:04:32,040
It is usually expressed as a number of Neyens if a given service is to be provided 365 days a year 24

43
00:04:32,040 --> 00:04:35,630
hours a day seven days a week.

44
00:04:35,640 --> 00:04:43,020
This means that an RTL value that has five nines ninety nine point nine nine nine percent can only be

45
00:04:43,020 --> 00:04:47,440
shut down for whatever reason maintenance attacks threats.

46
00:04:48,000 --> 00:04:49,470
For five minutes in a year

47
00:04:53,300 --> 00:04:58,160
agreeing on a five nines article means that a given service or information has to be protected in a

48
00:04:58,160 --> 00:04:59,210
special way.

49
00:05:02,180 --> 00:05:06,560
It's impossible to provide an RTL this high if data is stored in one system only

50
00:05:09,940 --> 00:05:13,200
hosting companies usually agreed to a four digit are.

51
00:05:16,260 --> 00:05:24,550
Under the same assumptions 3:09 mean that a service can shut down for 8 hours per year maximum.

52
00:05:24,660 --> 00:05:28,690
You can't expect your only computer to be set up for the whole year without interruption.

53
00:05:31,210 --> 00:05:36,820
And 8 hours will probably be too little to successfully deal with an attack or to restore a system after

54
00:05:36,820 --> 00:05:37,960
a failure.

55
00:05:39,730 --> 00:05:44,700
Another part of an SLA which is defined in all contracts of this type is a recovery point objective

56
00:05:46,280 --> 00:05:51,640
which is the measure that determines the amount of data that can be lost after an attack.

57
00:05:51,650 --> 00:05:56,700
It's easier to ensure a recovery point objective of 0 percent.

58
00:05:56,720 --> 00:06:02,520
It's a matter of replicating data and creating backups then to ensure and RTU equaling ninety nine point

59
00:06:02,540 --> 00:06:07,090
ninety nine percent in the case of the RTU.

60
00:06:07,130 --> 00:06:10,580
I have saleability comes with the need for investing in expensive equipment

61
00:06:13,780 --> 00:06:18,490
ASL is are becoming increasingly popular and it's quite possible that you'll often be asked to sign

62
00:06:18,490 --> 00:06:21,730
an SLA that determines the RPO as a 0 percent

63
00:06:24,150 --> 00:06:29,270
businesses need to guarantee that whatever happens no data will be lost from the system.

64
00:06:31,690 --> 00:06:38,440
We have few technologies that can ensure implementing good values of RTU and RPO will mention them later

65
00:06:38,440 --> 00:06:40,490
on in the next modules of this course.

66
00:06:43,910 --> 00:06:49,910
High availability of services usually require the use of specialist technologies.

67
00:06:50,000 --> 00:06:52,740
There will also be covered in the next part of this course.

68
00:07:00,290 --> 00:07:00,770
Thank you.