InfoSec / Cyber

    You are here:  
  1. Home
  2. InfoSec / Cyber
  3. October 3: Data Security, the Core of Protection
"A graphic announcing 'October is Cyber Security Awareness Month,' with text explaining the importance of protecting data online. It also includes a 'Cyber tip' to back up your important files. A shield icon with a checkmark and a lightbulb icon are visible."
Information/Cyber Security

October 3: Data Security, the Core of Protection

On day 3 of Cyber Security Awareness Month we are looking at data security.  Data Security refers to the measures taken to protect date from unauthorised access, corruption or theft throughout its lifecycle.


Data Security is about protecting data from unauthorised access, disclosure, alteration or destruction.; it is a combination of physical, technical and administrative safeguards:

  • Physical Security: Protecting devices and infrastructure where data resides. This includes locked server rooms, secure data centres, and even ensuring your laptop is physically secured when you're away from it.  When doing a data walk in your organisation, something we call 'Making the Rounds', we will review physical security of data.

  • Technical Security: Implementing technological measures to protect data. This involves:

    • Encryption: Scrambling data so it's unreadable without the correct key, both when it's stored (data at rest) and when it's being transmitted (data in transit).

    • Access Controls: Limiting who can access specific data based on their identity and role (e.g., only HR can view employee salaries).  We will review access controls for physical data files and digital files.  Reviewing access control for systems and digital data can help prevent cyber attacks and subsequent data breaches.

    • Firewalls: Devices or software that monitor and control incoming and outgoing network traffic.

    • Antivirus/Anti-malware Software: Protecting against malicious software that could corrupt or steal data.

    • Regular Updates: Patching vulnerabilities in software that attackers could exploit.

  • Administrative Security: Establishing policies, procedures, and training that govern how data is handled. This includes data retention policies, incident response plans, and employee security awareness training.

For individuals, data security means backing up important files to a secure external drive or cloud service, encrypting sensitive documents, and being cautious about where and how you store your digital information. For organizations, comprehensive data security is non-negotiable for regulatory compliance (like data protection), maintaining customer trust, protecting intellectual property, and ensuring business continuity. Treat your data as if it were your most valuable asset – because, in many cases, it is.

💡Today's Cyber Tip: Back up your most important files!

Today, take action to back up your most important personal files (photos, documents, etc.) to at least one external source, like a cloud service or an external hard drive. Better yet, use the "3-2-1 backup rule" (3 copies, 2 different media types, 1 offsite).
We have a number of video that explain data security:

Network Security

Physical Security Measures

Data Encryption

Software Updates and Patch Management

Access Controls and User Permissions


DPE Knowledge Bank Guidance and Support:


For schools and colleges, six of the DfE Digital Standards are now mandatory. We have a DfE Digital Standards Tracker tool help you track your cyber resilience and your progress: 

   

Review our Cyber Security Best Practice Area for micro learning, support, guidance and policies:



Why not have a look at our 'specialist' trainer Harry the Hacker :

©2025 Data Protection Education Ltd.

Search