sunhux
asked on
Brainstorming: controls required for cross-border sensitive data transfer/handling
Would like to brainstorm: out there what are the controls/measures organizations put in place
when transferring/processing data (within same company) but across countries (which has
different laws & regulations) ?
So far, thought of the following: pls add on or comment. Certainly remove if there are
irrelevant ones.
Endpoint
- Endpoint Encryption (if data flows to endpoint): what about data at rest??
- USB lockdown
Gateway
- Web Scanning
- Email screening
Servers / DB
- Database Activity Monitoring? Is built-in DB audit trail sufficient or need
DB activity monitoring tools like Imperva ?
- Data masking of card# (for PCI-DSS)
- Need DB encryption?
Transmission
- Encryption of files (what are the standards?)
- VPN / secure file transfers (is SSL/TLSV1.2 enough) ?
Non-disclosure agreement
- Is there a need to sign NDA (for intra-company or this applies only to inter-company)
Is this treated as 'Outsourcing' if it's intra-company ?
when transferring/processing data (within same company) but across countries (which has
different laws & regulations) ?
So far, thought of the following: pls add on or comment. Certainly remove if there are
irrelevant ones.
Endpoint
- Endpoint Encryption (if data flows to endpoint): what about data at rest??
- USB lockdown
Gateway
- Web Scanning
- Email screening
Servers / DB
- Database Activity Monitoring? Is built-in DB audit trail sufficient or need
DB activity monitoring tools like Imperva ?
- Data masking of card# (for PCI-DSS)
- Need DB encryption?
Transmission
- Encryption of files (what are the standards?)
- VPN / secure file transfers (is SSL/TLSV1.2 enough) ?
Non-disclosure agreement
- Is there a need to sign NDA (for intra-company or this applies only to inter-company)
Is this treated as 'Outsourcing' if it's intra-company ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.