What is Digital Security? Assessing your risks with the Threat Model

What is Digital Security?

Digital Security is a state where an individual/entity is in complete control of their data which includes having power to decide who has access, who can handle, how is it processed, where is it stored etc. Data here refers to any form of Digital Content. We use many devices to create and manage data. Without digital security it becomes difficult to determine ownership, protect intellectual property and protect privacy.

Why?

Every person has at least some personal information that they would prefer to keep private. Health Records, Private Communication, Emails, Confidential Communication with lawyers and Financial Information are some of the categories of information that people would prefer to keep private.

Every Organization has to protect their Employee Records, Intellectual Property and other Confidential Information.

Professionals such as lawyers and health professionals have a legal obligation to ensure the confidentiality of client data.

Assessing your risks with the Threat Model

Security is always an ongoing process. There is no such thing as perfect security. Building and maintaining security takes up time and other resources. It is important to know what risks you face so that you can take action accordingly.

For this purpose the following threat model can be used.

1. What do you want to protect? [Emails, Messages, files etc.]

2. From whom do you want to protect it? [Competitors, Employer, Hacker etc.]

3. How likely is that you need to protect it? [More the likeliness, the more important it is to protect.]

4. How bad are the consequences of failure? [Worse the consequences, the more important it is to prevent failure]

5. How much trouble are you willing to go through? [Spend time and resources]