Data Security

Data-Security

Data Security


  • Data Security is subject to several types of audit standards and verification.
  • The most common are ISO 17799, ISO 27001-02, PCI, ITIL, SAS-70, HIPPA, SOX.
  •  Security Administrators are responsible for creating and enforcing a policy that forms to the standards that apply to their organizations business.
  • IT certification audits are generally carried out by 3rd party accounting firms.
  •  They generally can be done in a week or two, depending on the size of the organization.
  •  Clients can also carry out audits before they begin doing business with the company to ensure that their data is secured to their standards.


Security Policy :


Data-Security

  • A security policy is a comprehensive document that defines a companies’ methods for prevention, detection, reaction, classification, accountability of data security practices and enforcement methods. 
  • It generally follows industry best practices as defined by ISO 17799,27001-02, PCI, ITIL, SAS-70, HIPPA , SOX or a mix of them.
  • The security policy is the key document in effective security practices.
  •  Once it has been defined it must be implemented and modified and include any exceptions that may need to be in place for business continuity. 
  • All users need to be trained on these best practices with continuing education at regular intervals.

Tools to Secure Data :


Data-Security
  • Data needs to be classified in the security policy according to its sensitivity.
  • Once this has taken place, the most sensitive data has extra measures in place to safeguard and ensure its integrity and availability.
  • All access to this sensitive data must be logged.
  • Secure data is usually isolated from other stored data.
  • Controlling physical access to the data center or area where the data is stored.
  • Active or Open Directory is a centralized authentication management system that is available to companies to control and log access to  any data on the system.
  • Encryption of the sensitive data is critical before transmission across public networks.
  • The use of firewalls on all publicly facing WAN connections.
  •  Deploying VLANs’ and ACLs’ to isolate sensitive departments from the rest of the network.
  • Shutting down unused switch ports.
  • If wireless is deployed, use authentication servers to verify and log the identity of those logging on.
  • Anti-Virus and malicious software protection on all systems.

Comments

Post a Comment

Popular posts from this blog

Robot Master

Image
Robot Master: Robot Master is a name used to refer to human-like boss robots from the original Mega Man series that possess a very advanced level of artificial intelligence. Most, if not all, Robot Masters possess a Special Weapon. These powers can be gained mainly by Mega Man, Proto Man, or Bass after the robot is defeated. Each Robot Master has a "consciousness", although the level of every "cognitive circuit" embedded inside each one of them varies, producing as many different "personality" types as found in people. Like humans, they can speak, and have emotional responses like shyness or anger. When Mega Man fights against a Robot Master, he takes great care to not damage their integrated circuit chip's "cognitive circuit". As long as the cognitive circuit isn't completely destroyed, they can be rebuilt any number of times. Robot Master is a special kind of robot or android that possesses a very advanced level
Read more

Holography

Image
Holography: Holography is the science and practice of making holograms. Typically, a hologram is a photographic recording of a light field, rather than of an image formed by a lens, and it is used to display a fully three-dimensional image of the holographed subject, which is seen without the aid of special glasses or other intermediate optics. The hologram itself is not an image and it is usually unintelligible when viewed under diffuse ambient light. It is an encoding of the light field as an interference pattern of seemingly random variations in the opacity, density, or surface profile of the photographic medium. When suitably lit, the interference pattern diffracts the light into a reproduction of the original light field and the objects that were in it appear to still be there, exhibiting visual depth cues such as parallax and perspective that change realistically with any change in the relative position of the observer . History: Holography dates from 1947, when Briti
Read more

Application software

Image
Application software: Application software is a program or group of programs designed for end users. These programs are divided into two classes: system software and application software. While system software consists of low-level programs that interact with computers at a basic level, application software resides above system software and includes applications such as database priograms, word processors and spreadsheets. Application software may be grouped along system software or published alone. Examples: word processor, a spreadsheet, an accounting application, a web browser, a media player, an aeronautical flight simulator, a console game or a photo editor etc. Design:                                                                                 Types  Application Suite: Has multiple applications bundled together. Related functions, features and user interfaces interact with each other. e.g. Microsoft Office, LibreOffice and iWork, which bundle together a wo
Read more