Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Approach to Information Security                   Rahul Khattar
Approach to Information Security  Setting the Agenda                             • Making           Information           ...
Approach to Information Security     Where does Information Reside?                                    On File-Servers (FT...
Approach to Information Security   Classification                             What is Information Classification?         ...
Approach to Information Security  Protection                 What is Protection?                 Ensure that only legit us...
Approach to Information Security  Audit                          Auditing Information Usage                          Track...
Approach to Information Security End User Training                    What is Training                    Educate employee...
Approach to Information Security Importance of DFA in building better policies                         Data Flow Analysis ...
More Info?     www.seclore.com    +91-22-6130-42009
Upcoming SlideShare
Loading in …5
×

Information awareness program

247 views

Published on

This is a simple slide to showcase on why companies need to protect data, classify information and how Seclore IRM as a platform help you get to your targets

Published in: Business
  • Be the first to comment

  • Be the first to like this

Information awareness program

  1. 1. Approach to Information Security Rahul Khattar
  2. 2. Approach to Information Security Setting the Agenda • Making Information available to all users, is essential for the enterprise to conduct its business • Leakage of such information may impact the organization adversely Five step approach to make information available and secureInformation Location  Classification  Protection  Audit  Training
  3. 3. Approach to Information Security Where does Information Reside? On File-Servers (FTP)Shared Within DMSfolders Backup Content Emails Management Backup Tapes Extracts from BI toolsLaptops Removable Mobile Printer hard disk media devices This Information is shared with Employees/ Vendors/ Partners/ Desktops Email Consultants/ Contractors/ Auditors Recognize where information exists Information Location  Classification  Protection  Audit  Training
  4. 4. Approach to Information Security Classification What is Information Classification? It is the science to describe principles that need to be followed to protect information It guides you on how and to whom you can distribute information with a particular classification Why Classify? Classification of information is essential for every business because without classification everyone treats the same piece of information differently, which could have major consequencesClassified data helps to better define and implement protection policiesInformation Location  Classification  Protection  Audit  Training
  5. 5. Approach to Information Security Protection What is Protection? Ensure that only legit users have access to the data Control data with internal/external users Define and apply policies based on Classification Why Protect? Protection enables the enterprises to manage the usage and consumption of its valuable dataInformation Location  Classification  Protection  Audit  Training
  6. 6. Approach to Information Security Audit Auditing Information Usage Track all end user actions on protected information Generate and analyze reports Keep a close eye on all your data that resides within or outside the organizationWhy Audit Information Usage?To understand the Information consumption patternTo showcase the shortcomings of existing policiesTo fine tune “Control-Policies” for your confidential dataInformation Location  Classification  Protection  Audit  Training
  7. 7. Approach to Information Security End User Training What is Training Educate employees on Information Usage Ensure participation, role play for users Using email, standees, flyers, KM portal as a medium of knowledge transferWhy Train Staff?Helps enterprise define better control-policies on dataMinimize accidental misuse of informationEnsure technology platform is well accepted Training ensures User participation and acceptanceInformation Location  Classification  Protection  Audit  Training
  8. 8. Approach to Information Security Importance of DFA in building better policies Data Flow Analysis is an activity to understand what is valuable information and which department holds it It also helps in tracking the information and the consumption pattern & risk DFA maps the information flow for a particular business process DFA clearly points out the security issues attached with a piece of information at different stages of its lifecycle DFA sharpens classification and protection policies on information
  9. 9. More Info? www.seclore.com +91-22-6130-42009

×