Solved

system for sensitive data marking

Posted on 2011-09-29
2
356 Views
Last Modified: 2012-05-12
In larger networks/domains - do you have any sort of system, process or documentation to keep track of whcih systems house senstiive or personal data? If so what is your procedure for doing this? I was just thiniking for the auditors benefit if they are doing a generic IT audit of the file systems/databases there priority I assume would be file system storage/databases with sensitive/personal data stored in this. Any tips on hwo you do this in your IT shops espeically larger environments most welcome.
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 47

Accepted Solution

by:
apache09 earned 500 total points
ID: 36827362
Generally all Company / Corporate information should considered Private/Sensitive.

Any Personal Informaition Sotred by Staff on these systems, becomes property of the Company/Organization

So in saying that....

Ideally users/Staff should be working from a Shared Network Drive.
They should be discouraged from saving anythhing on their Local PC.
A simple way to acheive this is by telling them Local Data is not supported
If you loose it, it will not be recovered

By following this guideline or similar, Auditors would only need to look at specific network locations to complete their Audits.

As far as having Spoecial Folders or Shares Called Sensitive/Private/Confidential
This is not reccomended

Futhurrmore, who would determine whats sensitive, whats not sensitive, whats private or personal.......

Again, Assuming that all Corporate Info is Sensitive to some degree
One must also consider that there could be some info that more sensitive that other.

Examples would be data/info in relation to the CEO or HR

This info should still be stored in the same area. However one would use NTFS permissions on these areas to restrict access to anyone else who my be "curious"

Hope this helps

Good luck with the Auditors!



0
 
LVL 47

Expert Comment

by:apache09
ID: 36830433
Oh and if you’re looking for an application that automatically detects weather or not I have just created a Private/Sensitive Word document or file containing Controversial Images or personal details of myself; or If I’ve just simply written up document on how to use outlook and each automatically gets saved in special locations……..

Its only 2011. If it exists, not too sure that such artificial intelligence is yet available to Joe Public
0

Featured Post

Upcoming Webinar: Securing your MySQL/MariaDB data

Join Percona’s Chief Evangelist, Colin Charles as he presents Securing your MySQL®/MariaDB® data on Tuesday, July 11, 2017 at 7:00 am PDT / 10:00 am EDT (UTC-7).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Make the most of your online learning experience.
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question