[Isabelle Tubbs]

Hi, Teisha. It was great to read about how access controls apply to the electric field with which you have experience. The areas you talked about definitely necessitate secure access controls to protect that data. I also like how you described access controls as a way to let the right people in. By default, someone is not granted permission, but access controls make sure those who should have access can do so.

[Isabelle Tubbs]

Access controls are put in place to only allow individuals who have been granted permission to actually use the system. This involves making sure that the person is who they say they are, which could be done with passwords and/or IDs. Once someone is verified and gets access, there must also be controls to determine what that person can access. It is always good to only give users the permissions for things that they actually need to use. Additionally, when a user is granted access, it can be helpful to keep a record of this for future reference.
Implementing these access controls aid in keeping sensitive data secure. Data that needs to be kept secure in this way could have information that is important to the company or even users’ private data, such as banking or health information. Companies need to establish trust with their users by providing a safe system for them to use.

[Isabelle Tubbs]

Hi, Trae. I like that you mentioned how cryptography can help with complying with privacy laws. Privacy is so important that there are rules in place to make sure systems do their best to maintain privacy. As a result, cryptography is one way to ensure that security measures are in accordance with laws that are established.

[Isabelle Tubbs]

Cryptography is a means of hiding data that is communicated so that its true meaning is not revealed to those for which it is not intended. Using ciphers, keys, and hashing can all be processes for protecting data through cryptography. There are different methods when using these tools, and they each have different types. The different types of ciphers vary as to whether the data will be encrypted or decrypted by bits or blocks. Asymmetric cryptography uses two separate keys for encrypting and decrypting, and symmetric cryptography uses one for both processes. Finally, hashing does not use a key, but it adds a hash value to a message.
Regardless of which tool is used, cryptography should ensure that the information that is sent is genuine and accurate. To prevent attacks on the data that is exchanged, cryptography helps protect the data so users can trust that what they have received is the right data.

[Isabelle Tubbs]

Even though Jesus is fully God, the enemy still presented temptations to Jesus in a vulnerable moment. Each time, the enemy tries to say something cleverly crafted to make the sinful decision seem all right to do just like he did in the Garden of Eden. Instead of being tricked by the devil, Jesus stands firm in what He knows from the Word of God and what God has spoken because He is the Word of God.
As the devotional pointed out, Christians have Jesus’ Spirit living in them, making it possible for us to receive help from the Spirit to resist temptation. Being rooted in Scripture, in our God-given identity, and in the Holy Spirit is a way to be on guard against the enemy’s tactics. Additionally, asking God for help against temptation is vital for resisting temptation as well. Unfortunately, as humans we will not be perfect at this, but God is patient to forgive us and help us resist temptation.

[Isabelle Tubbs]

God first established the Law with the Israelites as a way to let them know what is the right thing to do and what is wrong to do. However, like the Pharisees in Matthew 3, it can seem like the way to be righteous is to follow the Law as well as other regulations to be righteous. Although seeking righteousness is a wonderful thing, doing it in a legalistic way like this is not what being righteous means. God created human beings to be in a relationship with Him, not just to say the right things and go through certain motions. He longs to be with us and loves us, and He gives us commands in His Word out of love. As a result, He wants us to pursue righteousness but from a motive of receiving something back from God but rather from a relationship with Him. To truly live more like Jesus, we need God’s help and guidance. We can only receive His help with this if we come to Him sincerely and ask for His help in living more like Jesus in relationship with Him. I am grateful that God is willing to help and be patient through this process and that He continues to show love.

[Isabelle Tubbs]

Hi, Carlos. Great work presenting potential controls that a company could use for their overall security. One thing you mentioned that I did not was employee training. Training employees to be responsible when being on the system and sharing data is extremely important. Taking time to let them know of best practices can protect the system more in the future.

[Isabelle Tubbs]

When securing a company’s network, there are different aspects that need to be covered. First, physical controls must be implemented. Putting locks, guards, and sensors in place can prevent an intruder from entering. Additionally, creating physical controls against natural occurrences should be incorporated. Installing fire alarms or backup power can help protect a network.

Next, software controls must be created to stop hackers from gaining any sort of access to the system. Putting in firewalls and running security scans can make sure everything on the system is up to date and that no unwanted guests come on the system. Some other measures to include are encryption of data, security updates, and user account control.

To create a good security system, there naturally needs to be several protective controls put in place so that the system can be protected from different types of attacks. Otherwise, the system will be amazing at protecting one type of attack while also being vulnerable to another type. Therefore, using a combination of the measures listed as well as other measures is best.

[Isabelle Tubbs]

Hi, Addison. Nice work on explaining each type of storage and its features. I agree that, especially recently, cloud storage has become extremely popular. Most users are interacting with cloud storage in some way even if they do not always recognize it. It makes things convenient for accessing, regardless of the device or location. However, each storage type is important, and knowing what is needed for a system is important for selecting the type of storage.

[Isabelle Tubbs]

There are three types of data storage: DAS, NAS, and SAN. DAS (direct attached storage) allows data to be connected to a server, making it easier to set up. NAS (network attached storage) requires a storage device that will be accessed through network shares. This centralization of the data is helpful, but keep in mind that it will require more time when accessing it. SAN (storage area network) requires iSCSI or Fibre Channel to create block level access to the data storage. This is great for companies that need something to expand along with them, while also keeping a centralized storage system. It also has fast access times and more redundancy. As with many tools, it is important to find out what an organization’s needs and resources are before selecting a specific storage type. However, even though DAS and NAS are cheaper and easier to configure, SAN is not. SAN requires a good amount of money and skill to implement. DAS can give fair data protection, but NAS can give a good centralized system (Kirvan et al., 2025).

References
Kirvan, P., Sheldon, R., & Miller, J. A. (2025, March 25). What is direct-attached storage (DAS) and how does it work? Informa TechTarget. https://www.techtarget.com/searchstorage/definition/direct-attached-storage

[Isabelle Tubbs]

Hi, Teisha. Nice work on your discussion post. I agree that VPNs are a useful technology to address issues for systems connecting remotely. I like how you described it from the organization’s point-of-view. They needed to quickly and efficiently expand the VPN infrastructure and also include measures like multi-factor authentication. It is always important to include a variety of security measures.

[Isabelle Tubbs]

Hi, Trae. Great work on your post. I like the variety of examples you used to describe the security concerns of 2020. After reading about those concerns, I can definitely see why increasing technological security measures and staff training was vital. With all the online resource connections during COVID, users did need to learn how to be safe when sharing data and to recognize when something is a scam.

[Isabelle Tubbs]

The year 2020 led to a greater use in online communication and in resource sharing. However, this did not come without its own potential risks. Even before quarantine, one article described how 5G networks would need to give a wider range of access for different devices, but this would also make it more vulnerable to cyber attacks (Zwinggi et al., 2020).

Companies needed to respond to these security concerns by using different resources to enhance security. One of these measures included encrypting and decrypting data with cryptographic keys (Zwinggi et al., 2020). This would help ensure data is not as susceptible to being leaked. Another measure organizations took was creating security-focused policies. These policies can pertain to the way resources are used so that employees are careful to use their devices in a safe manner. For example, when users shared data, there may have measures to make sure the data was encrypted, and the users might have been required to use a safe internet connection or otherwise to use a VPN.

References
Zwinggi, A., Pineda, M., Dobrygowski, D., & Lewis, R. (2020, January 23). Why 2020 is a turning point for cybersecurity. World Economic Forum. https://www.weforum.org/stories/2020/01/what-are-the-cybersecurity-trends-for-2020/

[Isabelle Tubbs]

Hi, Teisha. I agree that Defense in Depth is an important concept with security, and I like that you described it as a mindset. There are many benefits to using certain security measures or protocols, but there is not going to be one perfect solution for securing a system. Rather, using a combination can help protect a system from different types of attacks. Great work on your post.

[Isabelle Tubbs]

Hi, Willy. After reading your post, I definitely see the importance of preventing cryptographic failure is. This relates to the OWASP security principle of sensitive data exposure. Creating controls for the encryption and storage of data can help prevent cryptographic failure and thus the leaking of sensitive data. Nice work on your discussion post.

[Author]

Posts