The document discusses data security and data management. It defines data security as processes and practices to protect critical IT systems and information. Effective data security uses controls, applications, and techniques to identify important data and apply appropriate security controls. Data security is important for organizations to protect user and customer data from unauthorized access. Common data security methods include access controls, authentication, backups, encryption, and data erasure. Data management techniques aim to ensure data quality, integrate data across systems, and govern data use and access. The document also discusses specific techniques for data cleansing, integration, and other aspects of data management.

1. Unit 5
Dr. SHUBHRA GOYAL

2. SECURITY MODULE OUTLINE

3. Data security
 Data security is about keeping data safe.
 If the data on a computer system is damaged, lost, or stolen, it can lead to
disaster.
 Data security is a set of processes and practices designed to protect your
critical information technology (IT) ecosystem.
 This included files, databases, accounts, and networks.
 Effective data security adopts a set of controls, applications, and techniques
that identify the importance of various datasets and apply the most appropriate
security controls.
 Thus, data security is one of many critical methods for evaluating threats and
reducing the risk associated with data storage and handling.

4. Why is Data Security Important?
Data security is critical to public and private sector organizations.
Companies have to protect their user and customer data from
falling into the wrong hands.
Ex: Payment Card Industry Data Security Standard (PCI DSS)
forces companies to take all reasonable measures to protect user
data.
There is the reputational risk of a data breach or hack.

5. Methods/Types of Data Security
 ACCESS CONTROLS
 AUTHENTICATION
 BACKUPS AND RECOVERY
 DATA ERASURE
 DATA MASKING
 DATA RESILIENCY
 ENCRYPTION

6. Main Elements of Data Security
There are three core elements
to data security :
 Confidentiality
 Integrity
 Availability
These concepts are also
referred to as the CIA Triad.

7. Data Security Technologies
 Data Auditing
 Data Real-Time Alerts
 Data Risk Assessment
 Data Minimization
 Purge Stale Data

8. Best Practices for Ensuring Data Security
 Quarantine Sensitive Files
 Behavior-Based Permissions
 Prepare for Cyber Threats
 Delete Unused Data

9. FAQs
Are there different types of data security?
 Yes. While data security refers to the general practice of protecting sensitive
information, it can take various forms. Firewalls, password protection, and multi-
factor authentication are all types of data security measures typically employed.
What is the role of data security?
 Data security functions to prevent data breaches, reduce risk of data exposure,
and for regulatory compliance purposes. Within any organization, data security’s
role is to ensure the ongoing safe and secure use of private data while minimizing
exposure risk.
What does data security include?
 Data security encompasses an array of technology, business, or organizational
practices. This includes things like a comprehensive data security policy,
cybersecurity software, and thorough data sanitization business processes.

10. Methods for managing and securing
data
 Train the Workforce
 Embrace a Data-Centric Security Strategy
 Implement Multi-Factor Authentication (MFA)
 Set Strict Permissions for the Cloud
 Exercise Vigilance for Patch Management
 Knowing where data lives
 Tracking user access
 Blocking high risk activities

11. Data Security Management
 Data security management involves a variety of techniques, processes
and practices for keeping business data safe and inaccessible by
unauthorized parties.
 Data security management systems focus on protecting sensitive
data, like personal information or business-critical intellectual
property.
 Ex: Data security management can involve creating information
security policies, identifying security risks, and spotting and assessing
security threats to IT systems.

12. DATA MANAGEMENT
 It is strategic control of data
 It is concerned with:
 Data quality
 Data architecture
 Database management
 Database security
 Data analytics
 Data integration

13. Common Data Management Techniques
Customer Data Management Data Attribute
Data Availability Data Cleansing
Data Consumer Data Control
Data Corruption Data Custodian
Data Entity Data Escrow
Data Integration Data Liberation
Data Lineage Data Loss
Data Masking Data Message
Data Owner Data Profiling
Data Purging Data Quality

14. Customer Data Management
 It is processes and tools for managing customer data including every
interaction with the customer such as
 Contact information
 Quotes
 Purchase history
 Product details
 Feedback
 Customer service tickets
 Many organizations centers only about customer data, including every
process, practice and decisions.
 In some organizations, it is a subset of relationship management.

15. Data Attribute
 Data Entity is an object in a data model. Ex. Customer or
address.
 Entities are containers of attributes and relationships.
 Data Attribute are properties of data entity.

16. Data Availability
 It is termed as UPTIME of data services, infrastructure and
hardware.
 High availability data services are achieved with
reliability engineering and service management
techniques that minimizes failure and mean time to
repair.

17. Data Cleansing
 It is a process of detecting and correcting data quality issues.
 It includes automatic steps such as queries designed to detect broken data.
 It also includes manual steps such as Data Wrangling.
 Data Wrangling is a process of cleaning and transforming data so that it can be
consumed by information technology.
 Data Wrangling is associated with large, messy sets of raw unstructured data.

18.  Corrupt data
 Inconsistent data
 Inaccurate data
 Irrelevant data
 Dirty data
Data Cleansing Examples

19. Data Consumer
 A data producer is a user interface, system or device that
collects data that’s relevant to an organization.
 A data consumer is a user interface, system or tools that
uses data.
 Data producer creates data and data consumers uses it.

20. Data Control
 It is a process of governing and managing data.
 Examples include:
 Data Quality – to ensure accuracy, completeness, credibility and
timeliness of data.
 Audit trail – capturing data logs such that data access’s doesn’t
get unnoticed.
 Information Security – protecting data from unauthorized access.
 Data Custodian – the technical owner of collection of data
responsible for its administration.

21. Data Escrow
It is a practice of storing data with neutral third
party.
A data escrow service takes deposit of data on a
regular basis.

22. Data Integration
 It is a process of moving data.
 This can occur between data sources that create copies or view of the same data
for different purposes. Ex, Data warehouse
 It can also occur between data sources and systems that simply use the data or
display it to a person.

23. Data Liberation
 It is a process of allowing users to view and export the data.
 It can be used as a legal principle
 It reduces privacy concerns as it allows users to see what
we know about them.

24. Data Lineage
 It is a metadata that explains where data came from and
how it was calculated.
 In big data environment, such information can be difficult to
research manually as data flows across large number of
systems.
 Various examples include
 Trading
 Risk management
 Marketing

25. Data Masking
 It is a process of replacing real data with similar fake data for the
purpose of training and testing.
 Creating test data from scratch is extremely resource intensive.
 It is used to remove anything personally identifiable or confidential in
data.

26. Data Profiling
 It is a process of analysing a dataset.
 It is done to support data governance, data management or to make
decisions.
 Common data profiling examples are:
 Data Quality
 Data credibility

27. Data Purging
 It is a method of permanently deleting data such that it can’t be recovered
by standard methods.

29. Why Data Management is
Important
 1. Increases productivity: It reduces the time that people spend looking for
information.
 It ensures that they can do their job efficiently.
 Employees will also be able to understand and communicate information to
others.
 It makes it easy to access past correspondence and prevent miscommunication
due to messages lost in transit.
 2. Smooth operations: A seamless operating system is every business’ dream and
data management can make that a reality.
 It is one of the determining factors in ensuring the success of an organisation; if
one takes too long to respond to their customers or to the changing trends
around them, they run the risk of falling behind.

30.  3. Reduce security risk
 4. Cost effective: It will spend less money trying to fix problems that shouldn’t have
occurred in the first place.
 It also prevents spending time-and money- duplicating information that already exists.
 5. Minimal chance of data loss: It will reduce the chances of losing important company
information.
 It also ensures that your data is backed up and in case of a sudden glitch or system
failure, any data that is lost can be retrieved easily, limiting the repercussions of the
same.
 6. Better decision making: The quality of your decisions improve drastically.
 A centralised system ensures a framework to plan, organise and delegate.
 Additionally, a good system will ensure good feedback,
which in turn will lead to necessary updates to the process that will only benefit your
company in the long run.
Why Data Management is
Important

31. THANK YOU!!!