Let’s begin Information Security by Classifying an Organization’s Data in order to Identify which Data requires Protection. The Overall Process includes the following steps: Identify and Classify Sensitive Data Assets: …
Data Security – CRUD or CRUDE Matrix
A CRUD or CRUDE matrix is a useful way to capture and display activities and permissions within a system. You can use a CRUD matrix to observe how Processes handle …
ISMS – ISO/IEC-27001:2013 – Annex A
ISO = International Organization for Standardization IEC = International Electrotechnical Commission ISMS = Information Security Management System ISO/IEC-27001:2013 is the International Security Standard and Best Practice Guidelines, which details the …
Data Security in Data Management
Rule of Thumb: CIA Triad – Confidentiality, Integrity and Availability. Data Security includes the planning, development, and execution of security policies and procedures to provide proper authentication, authorization, access, and …