MindMap Gallery Data Security
From the DAMA body of knowledge: data security includes the planning, establishment and execution of security policies and procedures to provide correct authentication, authorization, access and auditing for data and information assets.
Edited at 2024-04-02 16:33:26
Data Security
Introduction
Data security includes the planning, establishment and execution of security policies and procedures to provide correct authentication, authorization, access and auditing of data and information assets.
Source of data security requirements
1. Stakeholders
2. Government regulations: The starting point for formulating government regulations is to protect the interests of stakeholders
3. Specific business concerns: Every organization’s proprietary data needs to be protected
4. Legal access requirements: While protecting data security, organizations must also enable legal access.
5. Contractual obligations: Contracts and confidentiality agreements also have an impact on data security requirements
Business drivers: Risk reduction and business growth are key drivers of data security activities
1. Reduce risk: As data regulations increase, often in response to data theft and breaches, so do compliance requirements
Process: P = Plan, C = Control, D = Development, O = Operation
Goals
1. Enable appropriate access to enterprise data assets and prevent inappropriate access
2. Understand and comply with all regulations and policies regarding privacy, protection and confidentiality
3. Ensure the privacy and confidentiality needs of all stakeholders are enforced and audited
Deliverables
1. Data security architecture
2. Data security policy
3. Data Privacy and Confidentiality Standards
4. Data security access control
5. Data access view for regulatory compliance
6. Security classification records
7. Authentication and User Access History
8. Data security audit report
Tools
Access control system
Protective software
Identity management technology
Intrusion detection/intrusion prevention software
Metadata tracking
Data desensitization/encryption
Metrics
Security implementation indicators
Security Awareness Indicators
Data protection indicators
Security incident indicators
Confidential data diffusion rate
Steps
1) Identify and classify sensitive data assets
2) Find sensitive data in the enterprise
3) Determine ways to protect each asset
4) Identify how information interacts with business processes
2. Business growth
3. Security as an asset
Data security goals and principles
Goals
1. Enable appropriate access and prevent inappropriate access to enterprise data assets
2. Support compliance with privacy, protection and confidentiality systems and regulations
3. Ensure that the privacy and confidentiality requirements of stakeholders are met
Principles
1. Collaboration
2. Corporate planning
3. Active management
4. Clarify responsibilities
5. Metadata driven
6. Reduce exposure to reduce risk
Risk classification
1. Critical Risk Data (CRD)
2. High Risk Data (HRD)
3. Moderate Risk Data (MRD)
security process
1) 4A plus E
Access
Audit
Authentication
Authorization
Entitlement
2) Monitoring
Data integrity
In security, data integrity is the state of being whole: protected from improper additions or deletions.
Sarbanes-Oxley in the United States
Encryption
Encryption is the process of converting plain text into complex codes to hide privileged information, verify transmission integrity, or verify the identity of the sender.
Hash
Converts arbitrary-length data into a fixed-length data identifier
Symmetric encryption
Symmetric encryption uses one key to both encrypt and decrypt data
DES: Data Encryption Standard
3DES: Triple DES
AES: Advanced Encryption Standard
IDEA: International Data Encryption Algorithm
Asymmetric encryption
In asymmetric encryption, the sender and receiver use different keys.
Asymmetric encryption algorithms
RSA
Diffie-Hellman
PGP (Pretty Good Privacy) is a free public key encryption application
Obfuscation or desensitization (masking)
Reduce data availability by obfuscating (making it obscure or unclear) or desensitizing (removing, shuffling, or otherwise changing the appearance of the data) without losing the meaning of the data or its relationship to other data sets.
Types of desensitization
Static desensitization
Persistent Data Masking permanently and irreversibly changes data. This type of desensitization is typically not used in production environments, but rather in development (or test) environments. Although static desensitization changes the data, the data can still be used for testing, applications, reports, etc.
1. In-flight Persistent Masking
In-flight masking is used when data must be desensitized or obfuscated while it moves between a source (usually a production environment) and a target (usually a non-production environment).
2. In-place Persistent Masking
In-place masking can be used when the data source and target are the same. Unmasked data is read from the data source, masked, and then written directly over the original data.
Dynamic desensitization
Dynamic Data Masking is the process of changing the appearance of data to the end user or system without changing the underlying data.
Desensitization method
1. Replace
Replace a character or whole value with one from a lookup list or a standard pattern. For example, you can replace a name with a random value from a list.
2. Shuffling
Exchange data elements of the same type within a record or exchange data elements of the same attribute between different rows.
3. Temporal variance
Move the date forward or backward by a number of days (small enough to preserve the trend), enough to make it unrecognizable.
4. Numerical variation
Apply a random factor (plus or minus a percentage, small enough to maintain the trend), significant enough to make it unrecognizable.
5. Nulling or deleting
Delete data that should not be in the test system
6. Randomization
Replace some or all data elements with random characters or a sequence of single characters.
7. Encryption technology
Convert a stream of recognizable, meaningful characters into a stream of unrecognizable characters via a cipher code.
8. Expression desensitization
Change all values to the result of an expression
Regular expression
9. Key value desensitization
Specify that the result of the masking algorithm/process must be unique and repeatable, because it is used to mask a database key field (or similar field).
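The following Python sketch is an added example, not part of the original mind map: it applies four of the methods listed above (replacing names from a list, shifting dates, varying numeric values, and masking a key field) to constructed sample rows. The field names, the substitution list, and the HMAC-based key masking are assumptions chosen for illustration.

```python
import hashlib
import hmac
import random
from datetime import date, timedelta

# Constructed sample rows standing in for a production extract.
ROWS = [
    {"cust_id": "C1001", "name": "Alice Moore", "visit": date(2024, 3, 4), "balance": 1200.0},
    {"cust_id": "C1002", "name": "Brian Chu", "visit": date(2024, 3, 9), "balance": 310.5},
    {"cust_id": "C1001", "name": "Alice Moore", "visit": date(2024, 4, 1), "balance": 980.0},
]
FAKE_NAMES = ["Pat Doe", "Sam Roe", "Kim Poe", "Lee Coe"]  # substitution list (constructed)


def mask_key(value: str, secret: bytes) -> str:
    """Key masking with a keyed hash: equal inputs give equal outputs (repeatable),
    and distinct inputs collide only with negligible probability (unique)."""
    return hmac.new(secret, value.encode(), hashlib.sha256).hexdigest()[:16]


def mask_rows(rows, secret: bytes, seed: int, max_days: int = 3, max_pct: float = 0.05):
    """Return masked copies of rows; the source rows are left untouched."""
    # Seeded only so this demo is reproducible; a real masking job should draw
    # from an unpredictable source such as random.SystemRandom().
    rng = random.Random(seed)
    out = []
    for row in rows:
        key = mask_key(row["cust_id"], secret)
        # Substitution: derive the replacement name from the masked key so the
        # same customer gets the same fake name on every row.
        name = FAKE_NAMES[int(key, 16) % len(FAKE_NAMES)]
        # Date shift: move by at most max_days in either direction.
        visit = row["visit"] + timedelta(days=rng.randint(-max_days, max_days))
        # Numeric variance: scale by a random factor within +/- max_pct.
        balance = round(row["balance"] * (1 + rng.uniform(-max_pct, max_pct)), 2)
        out.append({"cust_id": key, "name": name, "visit": visit, "balance": balance})
    return out


if __name__ == "__main__":
    for masked in mask_rows(ROWS, secret=b"demo-only-secret", seed=7):
        print(masked)
```

Because the masked key depends on the secret, rows masked in different tables with the same secret still join on `cust_id`, while anyone without the secret cannot recompute the mapping from a known customer ID.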
Data security type
1. Facility security
2. Equipment security
3. Credential security
1) Identity management system
2) User ID standards for email systems
3) Password standards
4) Multi-factor identification
4. Electronic communications security
Data security constraints
1. Confidentiality level
Confidential information is shared only on a "need to know" basis
2. Regulatory requirements
The main difference between confidentiality restrictions and regulatory restrictions is that the requirements come from different sources
1) Confidential data
1. Open to the general audience
2. For internal use only
3. Confidential
4. Restricted confidential
5. Top secret
2) Regulatory restricted data
Activities
Managing behaviors related to corporate security requires different levels of systems
1. Enterprise security system
2. IT security system
3. Data security system
Tools
1. Antivirus/security software
2. HTTPS
3. Identity management technology
4. Intrusion detection and intrusion prevention software
5. Firewall (defense)
6. Metadata tracking
7. Data desensitization/encryption
Implementation Guide
Data security in the outsourcing world
Everything can be outsourced, except liability
A Responsible, Accountable, Consulted, Informed (RACI) matrix also helps clarify the roles, segregation of duties and responsibilities of different roles, including their data security obligations.
Establish clear accountability and ownership to support the overall data security regime and its implementation.
Proliferation of confidential data
The number of copies of confidential data should be measured to reduce proliferation. The more places confidential data is stored, the greater the risk of leakage.