Solved

system for sensitive data marking

Posted on 2011-09-29
2
315 Views
Last Modified: 2012-05-12
In larger networks/domains - do you have any sort of system, process or documentation to keep track of whcih systems house senstiive or personal data? If so what is your procedure for doing this? I was just thiniking for the auditors benefit if they are doing a generic IT audit of the file systems/databases there priority I assume would be file system storage/databases with sensitive/personal data stored in this. Any tips on hwo you do this in your IT shops espeically larger environments most welcome.
0
Comment
Question by:pma111
  • 2
2 Comments
 
LVL 47

Accepted Solution

by:
apache09 earned 500 total points
Comment Utility
Generally all Company / Corporate information should considered Private/Sensitive.

Any Personal Informaition Sotred by Staff on these systems, becomes property of the Company/Organization

So in saying that....

Ideally users/Staff should be working from a Shared Network Drive.
They should be discouraged from saving anythhing on their Local PC.
A simple way to acheive this is by telling them Local Data is not supported
If you loose it, it will not be recovered

By following this guideline or similar, Auditors would only need to look at specific network locations to complete their Audits.

As far as having Spoecial Folders or Shares Called Sensitive/Private/Confidential
This is not reccomended

Futhurrmore, who would determine whats sensitive, whats not sensitive, whats private or personal.......

Again, Assuming that all Corporate Info is Sensitive to some degree
One must also consider that there could be some info that more sensitive that other.

Examples would be data/info in relation to the CEO or HR

This info should still be stored in the same area. However one would use NTFS permissions on these areas to restrict access to anyone else who my be "curious"

Hope this helps

Good luck with the Auditors!



0
 
LVL 47

Expert Comment

by:apache09
Comment Utility
Oh and if you’re looking for an application that automatically detects weather or not I have just created a Private/Sensitive Word document or file containing Controversial Images or personal details of myself; or If I’ve just simply written up document on how to use outlook and each automatically gets saved in special locations……..

Its only 2011. If it exists, not too sure that such artificial intelligence is yet available to Joe Public
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now