Data Protection
By: Dr Salah A. Rustum
President
CIEL &
IT & Internet Association
From Software to Safeware
IT security has become a subject of much attention in the last couple of years. The
Information Age requires methods for encryption and secure authentication in order to
ensure confidential & legally binding communications. This Issue particularly concerns
the areas of Mobile/desk top Security, Network Security, E-commerce Security and
Infrastructure Security.
Key Problems
In the course of Globalization, the Internet gained more space and it became inevitable
that the data processed along the route of e-communications regardless of its venue
became more demanding for additional security. Security that would provide TRUST to
trading partners as well as to legal houses; and to the User himself/herself being the
Consumer.
The fast flow of information must be guaranteed in today’s business world whether
between individual business units at different locations, or between the head office –
branches or alliance companies, or simply between different offices of the same
enterprise.
A smooth flow of communications and operations is ensured by having company owned
data processing-net-works. Several users can simultaneously access common files. Now
within these networks, comprehensive data protection can not be guaranteed if
individual employees have global or overriding access rights.
However, in the sensitive areas of the company, such as the management, in the audit
department or in research & development – confidentiality and security of data has the
highest priority. After all, the business plans and the development plans or the human
resources and salary data should never get into the wrong hands!
Confidential data and information is particularly vulnerable to attacks when it is
transferred over public net works. Lines can be tapped and message switches or
exchanges can be manipulated.
1
Haunting Dangers
As you very well know, the Internet as such is preferably used due to cost reasons but is
particularly insecured being an open platform for all types of communications. Simply
like post cards in regular snail mail – Meaning that the information sent over the
Internet can be read by any one, and hence is considered insecured.
To this effect, access systems & firewalls are used in several companies and or
organizations to prevent unauthorized access to the own network. Modern technologies
provide access protection without restricting access possibilities for information in local
networks.
According to a study carried out by Ernst & Young, the employees of a company are far
more than competitors – are amongst the main attackers on confidential data.
Furthermore, in the flow of the trend towards outsourcing, several companies in both
Europe & the United States & Canada contract the administration of their data
processing to external service providers.
In other words – Confidential information in networks must therefore be protected
effectively from unauthorized access – From outside and within the organization and
not to under estimate our open network the Internet where electronically signed and
encrypted mail is urged to be used.
Network Security
Access protection is generally implemented at person-level, and the identity of the
operating user is established without doubt – thus authorized personnel of certain
departments or branches access the resources related to their department or branch,
but they are not permitted to access resources of other departments or branches. In
fact administrators and maintenance technicians can ensure continued care and
maintenance of the data processing infrastructures in the sense that they have
authorized physical access to all the company’s files in totality, without being able to
decrypt the data is present in them.
New Technologies
In the course of globalization, rapid exchange of information has quickly gained
importance. A smooth and secure flow of information between trading partners must
be secured and guaranteed at all times
The introduction of the Digital Certificate referred to as the Electronic Signature has
well developed the site as such and boosted the e-mail, e-commerce, Internet and on
line banking. Coupled with that is the transmission of legal documents, financial
2
statements and other equally confidential material such as diplomatic mail, medical
reports and patent registry of new products & inventions.
The Electronic Digital Signature is the spine of electronic commerce and what ever may
derive from such transactions – whether it is the payment of bills and or securing the
identity of the user – or both! Not to mention your right to affect on line application to
connect your electrical current, apply for a mobile phone, or receive your bank
statements. Many other services should become available as well:



The transmission of financial statements to the competent Authorities
Receipt of certificates of origin from Chambers of Commerce, and
Last but not the least the provision of documents to the Registry of Commerce. All
those shall leave you with more productive working time cost effectively.
CIEL is the Registration/Partner Authority of GlobalSign for Lebanon, the MENA Region
including the Kingdom of Saudi Arabia & the Arab Gulf States. With its accredited highly
trained staff, CIEL is raising awareness at all levels and under different roofs such as the
UN/ESCWA – UNDP / United Nations Development Program, The respective Chambers
of Commerce, Industry Agriculture and last but surely not the least, the various
Governmental Departments and Institutions
Furthermore, I wish to point out that legislative work in Lebanon has been carried out,
and it is my pleasure to announce that the Draft Law of the proposed Electronic Digital
Signature has been submitted to the Lebanese Parliament to be put on the Agenda of
the General Session for adoption.
In fact, should we go for the Electronic Signature to secure our Electronic
Communications regardless of its venue, we would most certainly reduce our overheads
by a good 20-25%. This fact directly reduces our high cost of living and relates
immediately to the consumer. Aren’t we all, the Consumer in one way or the other?
Beirut, SEP 21/2013
All Rights Reserved
3