Data Security
- Data Security is subject to several types of audit standards and verification.
- The most common are ISO 17799, ISO 27001-02, PCI, ITIL, SAS-70, HIPAA and SOX.
- Security Administrators are responsible for creating and enforcing a policy that conforms to the standards that apply to their organization's business.
- IT certification audits are generally carried out by third-party accounting firms.
- They can generally be completed in a week or two, depending on the size of the organization.
- Clients can also carry out audits before they begin doing business with the company to ensure that their data is secured to their standards.
Security Policy:
- A security policy is a comprehensive document that defines a company's methods for prevention, detection, reaction, classification and accountability in its data security practices, together with its enforcement methods.
- It generally follows industry best practices as defined by ISO 17799, ISO 27001-02, PCI, ITIL, SAS-70, HIPAA, SOX or a mix of them.
- The security policy is the key document in effective security practices.
- Once it has been defined, it must be implemented, kept up to date, and include any exceptions that need to be in place for business continuity.
- All users need to be trained on these best practices with continuing education at regular intervals.
Tools to Secure Data:
- Data needs to be classified in the security policy according to its sensitivity.
- Once this has taken place, the most sensitive data has extra measures in place to safeguard and ensure its integrity and availability.
- All access to this sensitive data must be logged.
- Secure data is usually isolated from other stored data.
- Control physical access to the data center or area where the data is stored.
- Active Directory or Open Directory is a centralized authentication management system that lets a company control and log access to any data on the system.
- Encryption of the sensitive data is critical before transmission across public networks.
- Use firewalls on all publicly facing WAN connections.
- Deploy VLANs and ACLs to isolate sensitive departments from the rest of the network.
- Shutting down unused switch ports.
- If wireless is deployed, use authentication servers to verify and log the identity of those logging on.
- Anti-Virus and malicious software protection on all systems.
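The classification, integrity and access-logging items above, shown together as an added example (not from the original page): data is tagged with a sensitivity level and an integrity digest when classified, a role-to-classification table (a hypothetical policy, an assumption here) gates reads, and every access to sensitive data, plus every denial, lands in an audit trail.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import Enum

class Sensitivity(Enum):
    PUBLIC = 1
    INTERNAL = 2
    SENSITIVE = 3  # extra safeguards: integrity pinned, every access logged

@dataclass(frozen=True)
class Record:
    name: str
    sensitivity: Sensitivity
    payload: bytes
    digest: str  # SHA-256 of payload, fixed when the data was classified

def classify(name: str, sensitivity: Sensitivity, payload: bytes) -> Record:
    """Classify a piece of data and pin its integrity with a digest."""
    return Record(name, sensitivity, payload, hashlib.sha256(payload).hexdigest())

# Hypothetical role-to-classification policy (an assumption, not from the page).
ALLOWED_ROLES = {
    Sensitivity.PUBLIC: {"staff", "analyst", "admin"},
    Sensitivity.INTERNAL: {"analyst", "admin"},
    Sensitivity.SENSITIVE: {"admin"},
}

# In-memory audit trail standing in for an append-only log server.
AUDIT_LOG: list[dict] = []

def _audit(record: Record, user: str, outcome: str) -> None:
    AUDIT_LOG.append({"time": datetime.now(timezone.utc).isoformat(),
                      "record": record.name, "class": record.sensitivity.name,
                      "user": user, "outcome": outcome})

def read_record(record: Record, user: str, role: str) -> bytes:
    """Enforce the policy: log every sensitive access and every denial."""
    allowed = role in ALLOWED_ROLES[record.sensitivity]
    if record.sensitivity is Sensitivity.SENSITIVE or not allowed:
        _audit(record, user, "granted" if allowed else "denied")
    if not allowed:
        raise PermissionError(f"{user} ({role}) may not read {record.name}")
    # Integrity check: a payload that no longer matches its digest is never served.
    if hashlib.sha256(record.payload).hexdigest() != record.digest:
        _audit(record, user, "integrity-failure")
        raise ValueError(f"integrity check failed for {record.name}")
    return record.payload
```

In production the audit entries would go to a write-once log store rather than an in-memory list, and the role table would come from the directory service the page mentions.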