Integrity is the property whereby information (data), an information system, or a component of a system has not been modified or destroyed in an unauthorized manner. It is also a state in which information has remained unaltered from the point it was produced by a source, during transmission, storage, and eventual receipt by the destination.
How does data Integrity relate to SMBs?
Data Integrity is important when working with critical and sensitive information. For example, if you leave your salary data on a shared drive in your file server and this is what ADP keys off of when Payroll is completed, what would happen if an employee took advantage of a new HR person doing payroll by changing the excel spreadsheet on salaries? Would you discover the integrity of the Salary Excel had been compromised (not to mention the confidentiality)?
Here are some actions CyberHoot recommends to protect Data Integerity:
- Encryption of data while in transit and at rest.
- Follow the principle of “Least Privilege” and “Confidentiality“
- Remove Administrator privileges monitored to accidental incidents.
- Regular data back-ups to ensure data is never lost or changed.
Related Terms: Privacy, Availability, Confidentiality, Data Integrity, System Integrity
Source: CNSSI 4009, NIST SP 800-53 Rev 4, 44 U.S.C., Sec 3542, SANS; From SAFE-BioPharma Certificate Policy 2.5
