ALSO CALLED: Data Protection, Data-security, Data Theft, and Secure Data

DEFINITION: Ransomware is a type of malware used for data kidnapping, an exploit in which the attacker encrypts the victim's data and demands payment for the decryption key. A ransomware program can be installed from an e-mail attachment, an infected program, or a compromised or malicious Web site. Data kidnapping is not new, but has in the past …
Definition continues below:

Data security is the means of ensuring that data is kept safe from corruption and that access to it is suitably controlled. Thus data security helps to ensure privacy. It also helps in protecting personal data.

In the UK, the Data Protection Act is used to ensure that personal data is accessible to those whom it concerns, and provides redress to individuals if there are inaccuracies. This is particularly important to ensure individuals are treated fairly, for example for credit checking purposes. The Data Protection Act states that only individuals and companies with legitimate and lawful reasons can process personal information and cannot be shared.

The International Standard ISO/IEC 17799 covers data security under the topic of information security, and one of its cardinal principles is that all stored information, i.e. data, should be owned so that it is clear whose responsibility it is to protect and control access to that data.
Nortel has devised a paradigm for Enterprise and Government network security which recognizes the need for adaptive and extensible security with low management overhead and without single points of failure. Nortel's approach to network security is the Layered Defense.