SlideShare a Scribd company logo

Is Your Data Safe? Key Steps to Secure Sensitive Information

Download as PPTX, PDF
T
Tapan Khilar

Data security

Data & Analytics
1 of 19
It’s your data – are you sure it’s safe?
 Data is any type of stored digital information  Every company needs places to store institutional knowledge and data.  Frequently that data contains proprietary information  Personally Identifiable Data  Employee HR Data  Financial Data  The security and confidentiality of this data is of critical importance.
 Data needs to be available at all necessary times  Data needs to be available to only the appropriate users  Need to be able to track who has access to and who has accessed what data
 Security is about the protection of assets.  Prevention: measures taken to protect your assets from being damaged.  Detection: measures taken to allow you to detect when an asset has been damaged, how it was damaged and who damaged it.  Reaction: measures that allow you to recover your assets.
 A security policy is a comprehensive document that defines a companies’ methods for prevention, detection, reaction, classification, accountability of data security practices and enforcement methods.  It generally follows industry best practices as defined by ISO 17799,27001-02, PCI, ITIL, SAS-70, HIPPA , SOX or a mix of them. Security Policy
 The security policy is the key document in effective security practices.  Once it has been defined it must be implemented and modified and include any exceptions that may need to be in place for business continuity.  All users need to be trained on these best practices with continuing education at regular intervals.
 Data needs to be classified in the security policy according to its sensitivity.  Once this has taken place, the most sensitive data has extra measures in place to safeguard and ensure its integrity and availability.  All access to this sensitive data must be logged.  Secure data is usually isolated from other stored data.
 Controlling physical access to the data center or area where the data is stored.  Active or Open Directory is a centralized authentication management system that is available to companies to control and log access to any data on the system.  Encryption of the sensitive data is critical before transmission across public networks
 The use of firewalls on all publicly facing WAN connections.  Deploying VLANs’ and ACLs’ to isolate sensitive departments from the rest of the network.  Shutting down unused switch ports.  If wireless is deployed, use authentication servers to verify and log the identity of those logging on.  Anti-Virus and malicious software protection on all systems.
 There are four key issues in the security of databases just as with all security systems  Availability  Authenticity  Integrity  Confidentiality
 Data needs to be available at all necessary times  Data needs to be available to only the appropriate users  Need to be able to track who has access to and who has accessed what data
 . Need to ensure that the data has been edited by an authorized source  Need to confirm that users accessing the system are who they say they are  Need to verify that all report requests are from authorized users  Need to verify that any outbound data is going to the expected receiver
 . Need to verify that any external data has the correct formatting and other metadata  Need to verify that all input data is accurate and verifiable  Need to ensure that data is following the correct work flow rules for your institution/corporation  Need to be able to report on all data changes and who authored them to ensure compliance with corporate rules and privacy laws.
 . Need to ensure that confidential data is only available to correct people  Need to ensure that entire database is security from external and internal system breaches  Need to provide for reporting on who has accessed what data and what they have done with it  Mission critical and Legal sensitive data must be highly security at the potential risk of lost business and litigation
DATA SECURITY - PASSWORD Password protection is a security process that protects information accessible via computers that needs to be protected from certain users. Password protection allows only those with an authorized password to gain access to certain information. A strong password consists of at least six characters (and the more characters, thestronger the password) that are a combination of letters, numbers and symbols (@, #, $, %, etc.) if allowed. Passwords are typically case-sensitive, so a strong password contains letters in both uppercase and lowercase.
Windows 10 Sign in options  PASSWORD  PIN  PICTURE Nine-character passwords take five days to break, 10-character words take four months, and 11-character passwords take 10 years. Make it up to 12 characters, and you're looking at 200 years' worth of security – not bad for one little letter.
Encryption is the process of translating plain text data (plaintext) into something that appears to be random and meaningless (ciphertext). ... A symmetric key is used during both the encryption and decryption processes. To decrypt a particular piece of ciphertext, the key that was used to encrypt the data must be used.
Encryption is important because it allows you to securely protect data that you don't want anyone else to have access. Types of encryption:- DES RSA AES BLOWISH TWOFISH There are quite a few free tools that will allow to encrypt whole text documents. Veracrypt, Bitlocker, AxCrypt.
Is Your Data Safe? Key Steps to Secure Sensitive Information

Recommended

Data security
Data securityData security
Data securityForeSolutions
 
Data Security Explained
Data Security ExplainedData Security Explained
Data Security ExplainedHappiest Minds Technologies
 
Data security
Data securityData security
Data securityAbdulBasit938
 
Data Security - English
Data Security - EnglishData Security - English
Data Security - EnglishData Security
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptxGulnurAzat
 
Network Security
Network Security Network Security
Network Security Abdul Qadir Pattal
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
Data Loss Prevention
Data Loss PreventionData Loss Prevention
Data Loss PreventionReza Kopaee
 

Recommended

Data security
Data securityData security
Data securityForeSolutions
 
Data Security Explained
Data Security ExplainedData Security Explained
Data Security ExplainedHappiest Minds Technologies
 
Data security
Data securityData security
Data securityAbdulBasit938
 
Data Security - English
Data Security - EnglishData Security - English
Data Security - EnglishData Security
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptxGulnurAzat
 
Network Security
Network Security Network Security
Network Security Abdul Qadir Pattal
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
Data Loss Prevention
Data Loss PreventionData Loss Prevention
Data Loss PreventionReza Kopaee
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityBharath Rao
 
Information security
Information securityInformation security
Information securityLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
Introduction to Information Security
Introduction to Information Security Introduction to Information Security
Introduction to Information Security Shreedevi Tharanidharan
 
Data security
Data securityData security
Data securitySoumen Mondal
 
Endpoint Security
Endpoint SecurityEndpoint Security
Endpoint SecurityAhmed Hashem El Fiky
 
Security models
Security models Security models
Security models LJ PROJECTS
 
Data Security
Data SecurityData Security
Data SecurityAkNirojan
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Data Loss Prevention from Symantec
Data Loss Prevention from SymantecData Loss Prevention from Symantec
Data Loss Prevention from SymantecArrow ECS UK
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...PECB
 
Tools for Open Source Intelligence (OSINT)
Tools for Open Source Intelligence (OSINT)Tools for Open Source Intelligence (OSINT)
Tools for Open Source Intelligence (OSINT)Sudhanshu Chauhan
 
Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)Network Intelligence India
 
Security policies
Security policiesSecurity policies
Security policiesNishant Pahad
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Managementasherad
 
Chapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementChapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementNada G.Youssef
 
Cia security model
Cia security modelCia security model
Cia security modelImran Ahmed
 
Endpoint Security Pres.pptx
Endpoint Security Pres.pptxEndpoint Security Pres.pptx
Endpoint Security Pres.pptxNBBNOC
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Database security
Database securityDatabase security
Database securityMurchana Borah
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Securitychauhankapil
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityjayashri kolekar
 

More Related Content

What's hot

The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityBharath Rao
 
Security models
Security models Security models
Security models LJ PROJECTS
 
Data Security
Data SecurityData Security
Data SecurityAkNirojan
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Data Loss Prevention from Symantec
Data Loss Prevention from SymantecData Loss Prevention from Symantec
Data Loss Prevention from SymantecArrow ECS UK
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...PECB
 
Tools for Open Source Intelligence (OSINT)
Tools for Open Source Intelligence (OSINT)Tools for Open Source Intelligence (OSINT)
Tools for Open Source Intelligence (OSINT)Sudhanshu Chauhan
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Managementasherad
 
Chapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementChapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementNada G.Youssef
 
Cia security model
Cia security modelCia security model
Cia security modelImran Ahmed
 
Endpoint Security Pres.pptx
Endpoint Security Pres.pptxEndpoint Security Pres.pptx
Endpoint Security Pres.pptxNBBNOC
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Securitychauhankapil
 

What's hot (20)

The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information Security
 
Information security
Information securityInformation security
Information security
 
Introduction to Information Security
Introduction to Information Security Introduction to Information Security
Introduction to Information Security
 
Data security
Data securityData security
Data security
 
Endpoint Security
Endpoint SecurityEndpoint Security
Endpoint Security
 
Security models
Security models Security models
Security models
 
Data Security
Data SecurityData Security
Data Security
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Data Loss Prevention from Symantec
Data Loss Prevention from SymantecData Loss Prevention from Symantec
Data Loss Prevention from Symantec
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
 
Tools for Open Source Intelligence (OSINT)
Tools for Open Source Intelligence (OSINT)Tools for Open Source Intelligence (OSINT)
Tools for Open Source Intelligence (OSINT)
 
Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)
 
Security policies
Security policiesSecurity policies
Security policies
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 
Chapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementChapter 11: Information Security Incident Management
Chapter 11: Information Security Incident Management
 
Cia security model
Cia security modelCia security model
Cia security model
 
Endpoint Security Pres.pptx
Endpoint Security Pres.pptxEndpoint Security Pres.pptx
Endpoint Security Pres.pptx
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
Database security
Database securityDatabase security
Database security
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Security
 

Similar to Is Your Data Safe? Key Steps to Secure Sensitive Information

what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityjayashri kolekar
 
A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015Jeffery Brown
 
Database & Data Security
Database & Data SecurityDatabase & Data Security
Database & Data SecurityCloudbells.com
 
How to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfHow to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfV2Infotech1
 
How to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxHow to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxV2Infotech1
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxcuddietheresa
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxsalmonpybus
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsGanbayar Sukhbaatar
 
Unit 1 Information Security.docx
Unit 1 Information Security.docxUnit 1 Information Security.docx
Unit 1 Information Security.docxPrernaThakwani
 
Data security to protect pci data flow ulf mattsson - insecure-mag-40
Data security to protect pci data flow ulf mattsson - insecure-mag-40Data security to protect pci data flow ulf mattsson - insecure-mag-40
Data security to protect pci data flow ulf mattsson - insecure-mag-40Ulf Mattsson
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4Rodrigo Piovesana
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Information security: importance of having defined policy & process
Information security: importance of having defined policy & processInformation security: importance of having defined policy & process
Information security: importance of having defined policy & processInformation Technology Society Nepal
 
Excel Data Reporting Assignment 3 Data Analysis (Feasibility .docx
Excel Data Reporting Assignment 3 Data Analysis (Feasibility .docxExcel Data Reporting Assignment 3 Data Analysis (Feasibility .docx
Excel Data Reporting Assignment 3 Data Analysis (Feasibility .docxgitagrimston
 
Security and Safe Keeping of Official Information by DPO
Security and Safe Keeping of Official Information by DPOSecurity and Safe Keeping of Official Information by DPO
Security and Safe Keeping of Official Information by DPOAtlantic Training, LLC.
 
Cyber security
Cyber securityCyber security
Cyber securityPrem Raval
 
CLOUD SECURITY.pptx
CLOUD SECURITY.pptxCLOUD SECURITY.pptx
CLOUD SECURITY.pptxMrPrathapG
 

Similar to Is Your Data Safe? Key Steps to Secure Sensitive Information (20)

what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015
 
Database & Data Security
Database & Data SecurityDatabase & Data Security
Database & Data Security
 
How to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfHow to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdf
 
How to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxHow to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptx
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentals
 
Unit 1 Information Security.docx
Unit 1 Information Security.docxUnit 1 Information Security.docx
Unit 1 Information Security.docx
 
Data security to protect pci data flow ulf mattsson - insecure-mag-40
Data security to protect pci data flow ulf mattsson - insecure-mag-40Data security to protect pci data flow ulf mattsson - insecure-mag-40
Data security to protect pci data flow ulf mattsson - insecure-mag-40
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
Information security: importance of having defined policy & process
Information security: importance of having defined policy & processInformation security: importance of having defined policy & process
Information security: importance of having defined policy & process
 
Excel Data Reporting Assignment 3 Data Analysis (Feasibility .docx
Excel Data Reporting Assignment 3 Data Analysis (Feasibility .docxExcel Data Reporting Assignment 3 Data Analysis (Feasibility .docx
Excel Data Reporting Assignment 3 Data Analysis (Feasibility .docx
 
Security and Safe Keeping of Official Information by DPO
Security and Safe Keeping of Official Information by DPOSecurity and Safe Keeping of Official Information by DPO
Security and Safe Keeping of Official Information by DPO
 
Encrypt-Everything-eB.pdf
Encrypt-Everything-eB.pdfEncrypt-Everything-eB.pdf
Encrypt-Everything-eB.pdf
 
Data Security
Data SecurityData Security
Data Security
 
Cyber security
Cyber securityCyber security
Cyber security
 
CLOUD SECURITY.pptx
CLOUD SECURITY.pptxCLOUD SECURITY.pptx
CLOUD SECURITY.pptx
 

More from Tapan Khilar

CYBER SECURITY AWARENESS.pptx
CYBER SECURITY AWARENESS.pptxCYBER SECURITY AWARENESS.pptx
CYBER SECURITY AWARENESS.pptxTapan Khilar
 
SNMP_ network monitoring.pptx
SNMP_ network monitoring.pptxSNMP_ network monitoring.pptx
SNMP_ network monitoring.pptxTapan Khilar
 
cctv setup (2).pptx
cctv setup (2).pptxcctv setup (2).pptx
cctv setup (2).pptxTapan Khilar
 
cyber security.pptx
cyber security.pptxcyber security.pptx
cyber security.pptxTapan Khilar
 
IT ACT 2000 _ AA 2008_TAPAN.pptx
IT ACT 2000 _ AA 2008_TAPAN.pptxIT ACT 2000 _ AA 2008_TAPAN.pptx
IT ACT 2000 _ AA 2008_TAPAN.pptxTapan Khilar
 
mobile security.pptx
mobile security.pptxmobile security.pptx
mobile security.pptxTapan Khilar
 
Snmp network monitoring
Snmp network monitoringSnmp network monitoring
Snmp network monitoringTapan Khilar
 
Server operating system
Server operating systemServer operating system
Server operating systemTapan Khilar
 
Memory and storage
Memory and storageMemory and storage
Memory and storageTapan Khilar
 
Input and output device
Input and output deviceInput and output device
Input and output deviceTapan Khilar
 
I series processor
I series processorI series processor
I series processorTapan Khilar
 
Computer networking
Computer networkingComputer networking
Computer networkingTapan Khilar
 

More from Tapan Khilar (20)

CYBER SECURITY AWARENESS.pptx
CYBER SECURITY AWARENESS.pptxCYBER SECURITY AWARENESS.pptx
CYBER SECURITY AWARENESS.pptx
 
SNMP_ network monitoring.pptx
SNMP_ network monitoring.pptxSNMP_ network monitoring.pptx
SNMP_ network monitoring.pptx
 
cctv setup (2).pptx
cctv setup (2).pptxcctv setup (2).pptx
cctv setup (2).pptx
 
FIBER OPTICS .ppt
FIBER OPTICS .pptFIBER OPTICS .ppt
FIBER OPTICS .ppt
 
IDS VS IPS.pptx
IDS VS IPS.pptxIDS VS IPS.pptx
IDS VS IPS.pptx
 
cyber security.pptx
cyber security.pptxcyber security.pptx
cyber security.pptx
 
IT ACT 2000 _ AA 2008_TAPAN.pptx
IT ACT 2000 _ AA 2008_TAPAN.pptxIT ACT 2000 _ AA 2008_TAPAN.pptx
IT ACT 2000 _ AA 2008_TAPAN.pptx
 
mobile security.pptx
mobile security.pptxmobile security.pptx
mobile security.pptx
 
Acl cisco
Acl ciscoAcl cisco
Acl cisco
 
Snmp network monitoring
Snmp network monitoringSnmp network monitoring
Snmp network monitoring
 
Server operating system
Server operating systemServer operating system
Server operating system
 
Operating systems
Operating systemsOperating systems
Operating systems
 
Network switch
Network switchNetwork switch
Network switch
 
Network devices
Network devicesNetwork devices
Network devices
 
Memory and storage
Memory and storageMemory and storage
Memory and storage
 
Ip addressing
Ip addressingIp addressing
Ip addressing
 
Internet security
Internet securityInternet security
Internet security
 
Input and output device
Input and output deviceInput and output device
Input and output device
 
I series processor
I series processorI series processor
I series processor
 
Computer networking
Computer networkingComputer networking
Computer networking
 

Recently uploaded

20240419 - Measurecamp Amsterdam - SAM.pdf
20240419 - Measurecamp Amsterdam - SAM.pdf20240419 - Measurecamp Amsterdam - SAM.pdf
20240419 - Measurecamp Amsterdam - SAM.pdfHuman37
 
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样vhwb25kk
 
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...Sapana Sha
 
GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]📊 Markus Baersch
 
Call Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts ServiceCall Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts ServiceSapana Sha
 
How we prevented account sharing with MFA
How we prevented account sharing with MFAHow we prevented account sharing with MFA
How we prevented account sharing with MFAAndrei Kaleshka
 
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一F sss
 
Industrialised data - the key to AI success.pdf
Industrialised data - the key to AI success.pdfIndustrialised data - the key to AI success.pdf
Industrialised data - the key to AI success.pdfLars Albertsson
 
9654467111 Call Girls In Munirka Hotel And Home Service
9654467111 Call Girls In Munirka Hotel And Home Service9654467111 Call Girls In Munirka Hotel And Home Service
9654467111 Call Girls In Munirka Hotel And Home ServiceSapana Sha
 
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls DubaiDubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls Dubaihf8803863
 
04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationshipsccctableauusergroup
 
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...ThinkInnovation
 
RadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfRadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfgstagge
 
B2 Creative Industry Response Evaluation.docx
B2 Creative Industry Response Evaluation.docxB2 Creative Industry Response Evaluation.docx
B2 Creative Industry Response Evaluation.docxStephen266013
 
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一F La
 
INTERNSHIP ON PURBASHA COMPOSITE TEX LTD
INTERNSHIP ON PURBASHA COMPOSITE TEX LTDINTERNSHIP ON PURBASHA COMPOSITE TEX LTD
INTERNSHIP ON PURBASHA COMPOSITE TEX LTDRafezzaman
 
RA-11058_IRR-COMPRESS Do 198 series of 1998
RA-11058_IRR-COMPRESS Do 198 series of 1998RA-11058_IRR-COMPRESS Do 198 series of 1998
RA-11058_IRR-COMPRESS Do 198 series of 1998YohFuh
 

Recently uploaded (20)

E-Commerce Order PredictionShraddha Kamble.pptx
E-Commerce Order PredictionShraddha Kamble.pptxE-Commerce Order PredictionShraddha Kamble.pptx
E-Commerce Order PredictionShraddha Kamble.pptx
 
20240419 - Measurecamp Amsterdam - SAM.pdf
20240419 - Measurecamp Amsterdam - SAM.pdf20240419 - Measurecamp Amsterdam - SAM.pdf
20240419 - Measurecamp Amsterdam - SAM.pdf
 
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
 
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
Saket, (-DELHI )+91-9654467111-(=)CHEAP Call Girls in Escorts Service Saket C...
 
Call Girls in Saket 99530🔝 56974 Escort Service
Call Girls in Saket 99530🔝 56974 Escort ServiceCall Girls in Saket 99530🔝 56974 Escort Service
Call Girls in Saket 99530🔝 56974 Escort Service
 
GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]
 
Call Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts ServiceCall Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts Service
 
How we prevented account sharing with MFA
How we prevented account sharing with MFAHow we prevented account sharing with MFA
How we prevented account sharing with MFA
 
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一
办理学位证中佛罗里达大学毕业证,UCF成绩单原版一比一
 
Industrialised data - the key to AI success.pdf
Industrialised data - the key to AI success.pdfIndustrialised data - the key to AI success.pdf
Industrialised data - the key to AI success.pdf
 
9654467111 Call Girls In Munirka Hotel And Home Service
9654467111 Call Girls In Munirka Hotel And Home Service9654467111 Call Girls In Munirka Hotel And Home Service
9654467111 Call Girls In Munirka Hotel And Home Service
 
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls DubaiDubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
 
Deep Generative Learning for All - The Gen AI Hype (Spring 2024)
Deep Generative Learning for All - The Gen AI Hype (Spring 2024)Deep Generative Learning for All - The Gen AI Hype (Spring 2024)
Deep Generative Learning for All - The Gen AI Hype (Spring 2024)
 
04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships
 
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...
 
RadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfRadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdf
 
B2 Creative Industry Response Evaluation.docx
B2 Creative Industry Response Evaluation.docxB2 Creative Industry Response Evaluation.docx
B2 Creative Industry Response Evaluation.docx
 
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一
办理(Vancouver毕业证书)加拿大温哥华岛大学毕业证成绩单原版一比一
 
INTERNSHIP ON PURBASHA COMPOSITE TEX LTD
INTERNSHIP ON PURBASHA COMPOSITE TEX LTDINTERNSHIP ON PURBASHA COMPOSITE TEX LTD
INTERNSHIP ON PURBASHA COMPOSITE TEX LTD
 
RA-11058_IRR-COMPRESS Do 198 series of 1998
RA-11058_IRR-COMPRESS Do 198 series of 1998RA-11058_IRR-COMPRESS Do 198 series of 1998
RA-11058_IRR-COMPRESS Do 198 series of 1998
 

Is Your Data Safe? Key Steps to Secure Sensitive Information

  • 1. It’s your data – are you sure it’s safe?
  • 2.  Data is any type of stored digital information  Every company needs places to store institutional knowledge and data.  Frequently that data contains proprietary information  Personally Identifiable Data  Employee HR Data  Financial Data  The security and confidentiality of this data is of critical importance.
  • 3.  Data needs to be available at all necessary times  Data needs to be available to only the appropriate users  Need to be able to track who has access to and who has accessed what data
  • 4.  Security is about the protection of assets.  Prevention: measures taken to protect your assets from being damaged.  Detection: measures taken to allow you to detect when an asset has been damaged, how it was damaged and who damaged it.  Reaction: measures that allow you to recover your assets.
  • 5.  A security policy is a comprehensive document that defines a companies’ methods for prevention, detection, reaction, classification, accountability of data security practices and enforcement methods.  It generally follows industry best practices as defined by ISO 17799,27001-02, PCI, ITIL, SAS-70, HIPPA , SOX or a mix of them. Security Policy
  • 6.  The security policy is the key document in effective security practices.  Once it has been defined it must be implemented and modified and include any exceptions that may need to be in place for business continuity.  All users need to be trained on these best practices with continuing education at regular intervals.
  • 7.  Data needs to be classified in the security policy according to its sensitivity.  Once this has taken place, the most sensitive data has extra measures in place to safeguard and ensure its integrity and availability.  All access to this sensitive data must be logged.  Secure data is usually isolated from other stored data.
  • 8.  Controlling physical access to the data center or area where the data is stored.  Active or Open Directory is a centralized authentication management system that is available to companies to control and log access to any data on the system.  Encryption of the sensitive data is critical before transmission across public networks
  • 9.  The use of firewalls on all publicly facing WAN connections.  Deploying VLANs’ and ACLs’ to isolate sensitive departments from the rest of the network.  Shutting down unused switch ports.  If wireless is deployed, use authentication servers to verify and log the identity of those logging on.  Anti-Virus and malicious software protection on all systems.
  • 10.  There are four key issues in the security of databases just as with all security systems  Availability  Authenticity  Integrity  Confidentiality
  • 11.  Data needs to be available at all necessary times  Data needs to be available to only the appropriate users  Need to be able to track who has access to and who has accessed what data
  • 12.  . Need to ensure that the data has been edited by an authorized source  Need to confirm that users accessing the system are who they say they are  Need to verify that all report requests are from authorized users  Need to verify that any outbound data is going to the expected receiver
  • 13.  . Need to verify that any external data has the correct formatting and other metadata  Need to verify that all input data is accurate and verifiable  Need to ensure that data is following the correct work flow rules for your institution/corporation  Need to be able to report on all data changes and who authored them to ensure compliance with corporate rules and privacy laws.
  • 14.  . Need to ensure that confidential data is only available to correct people  Need to ensure that entire database is security from external and internal system breaches  Need to provide for reporting on who has accessed what data and what they have done with it  Mission critical and Legal sensitive data must be highly security at the potential risk of lost business and litigation
  • 15. DATA SECURITY - PASSWORD Password protection is a security process that protects information accessible via computers that needs to be protected from certain users. Password protection allows only those with an authorized password to gain access to certain information. A strong password consists of at least six characters (and the more characters, thestronger the password) that are a combination of letters, numbers and symbols (@, #, $, %, etc.) if allowed. Passwords are typically case-sensitive, so a strong password contains letters in both uppercase and lowercase.
  • 16. Windows 10 Sign in options  PASSWORD  PIN  PICTURE Nine-character passwords take five days to break, 10-character words take four months, and 11-character passwords take 10 years. Make it up to 12 characters, and you're looking at 200 years' worth of security – not bad for one little letter.
  • 17. Encryption is the process of translating plain text data (plaintext) into something that appears to be random and meaningless (ciphertext). ... A symmetric key is used during both the encryption and decryption processes. To decrypt a particular piece of ciphertext, the key that was used to encrypt the data must be used.
  • 18. Encryption is important because it allows you to securely protect data that you don't want anyone else to have access. Types of encryption:- DES RSA AES BLOWISH TWOFISH There are quite a few free tools that will allow to encrypt whole text documents. Veracrypt, Bitlocker, AxCrypt.