- Account for data protection in the planning phase of the project. Take compliance and privacy concerns into account in the initial design and architecture.
- Identify data elements that need special protection. What compliance or liability concerns apply to those elements?
- Does the application need access to the complete, raw data set? Can the data be masked, obfuscated, or desensitized?
- What encryption requirements do you have? What encryption solutions are available? Do they interoperate with the authentication methods in the environment?
- Establish standards. It will be easier to keep all the data safe if it is kept in standard templates.
CIO Magazine estimates the value of a data breach at $184-$330 million. Given the cost to an organization's recommendation, there is a business imperative in placing adequate resources and thought behind protecting the data in our custody.
No comments:
Post a Comment