image

Data Security – Initiation

Let’s begin Information Security by Classifying an Organization’s Data in order to Identify which Data requires Protection. The Overall Process includes the following steps:

  • Identify and Classify Sensitive Data Assets: Depending on the industry and organization, there can be few or many assets, and a range of Sensitive Data (including Personal Identification, Medical, Financial, and more).
  • Locate Sensitive Data throughout the Enterprise: Security requirements may differ, depending on where Data is stored. A significant amount of Sensitive Data in a single location poses a High Risk due to the damage possible from a single breach.
  • Determine how each Asset needs to be Protected: The measures necessary to ensure Security can vary between assets, depending on Data Content and the Type of Technology.
  • Identify how this Information interacts with Business Processes: Analysis of Business Processes is required to determine what Access is allowed and under what conditions.

Leave a Reply

Your email address will not be published. Required fields are marked *

4 × 4 =