Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

system for sensitive data marking

Posted on 2011-09-29
2
Medium Priority
?
365 Views
Last Modified: 2012-05-12
In larger networks/domains - do you have any sort of system, process or documentation to keep track of whcih systems house senstiive or personal data? If so what is your procedure for doing this? I was just thiniking for the auditors benefit if they are doing a generic IT audit of the file systems/databases there priority I assume would be file system storage/databases with sensitive/personal data stored in this. Any tips on hwo you do this in your IT shops espeically larger environments most welcome.
0
Comment
Question by:pma111
  • 2
2 Comments
 
LVL 47

Accepted Solution

by:
apache09 earned 2000 total points
ID: 36827362
Generally all Company / Corporate information should considered Private/Sensitive.

Any Personal Informaition Sotred by Staff on these systems, becomes property of the Company/Organization

So in saying that....

Ideally users/Staff should be working from a Shared Network Drive.
They should be discouraged from saving anythhing on their Local PC.
A simple way to acheive this is by telling them Local Data is not supported
If you loose it, it will not be recovered

By following this guideline or similar, Auditors would only need to look at specific network locations to complete their Audits.

As far as having Spoecial Folders or Shares Called Sensitive/Private/Confidential
This is not reccomended

Futhurrmore, who would determine whats sensitive, whats not sensitive, whats private or personal.......

Again, Assuming that all Corporate Info is Sensitive to some degree
One must also consider that there could be some info that more sensitive that other.

Examples would be data/info in relation to the CEO or HR

This info should still be stored in the same area. However one would use NTFS permissions on these areas to restrict access to anyone else who my be "curious"

Hope this helps

Good luck with the Auditors!



0
 
LVL 47

Expert Comment

by:apache09
ID: 36830433
Oh and if you’re looking for an application that automatically detects weather or not I have just created a Private/Sensitive Word document or file containing Controversial Images or personal details of myself; or If I’ve just simply written up document on how to use outlook and each automatically gets saved in special locations……..

Its only 2011. If it exists, not too sure that such artificial intelligence is yet available to Joe Public
0

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
With more and more companies allowing their employees to work remotely, it begs the question: What are some of the security risks involved with remote employees and what actions should we take to secure them?
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question