Preview

Data Security, Quality, and Integrity-Regulations and Information Classification

Good Essays
Open Document
Open Document
1069 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Data Security, Quality, and Integrity-Regulations and Information Classification
Regulations and Information Classification One very important task in defining the needed security for a system of data is first to understand the nature of that data and how it is used in a given system. Within any given organization there is a myriad of data that can all be categorized in a different way. We can use this opportunity to discuss the sensitivity of data within our organization and then break it into appropriate classifications to be used when implementing security measures. Additionally, this process will help the organization to conform to the ISO standards the company may be subjected to, in this case, ISO/IEC code 18028. This also directly relates to certain laws that also pertain to the security of information and finally how the organization will be able to test and measure how well these security practices are implemented and followed. Lastly, we can outline here how controls can be created and implemented to enforce these requirements as well as how auditing can validate the effectiveness of these implemented controls. As we begin this analysis, we look to classifying the data we possess. We know that data strategies differ from one organization to the next due to the fact that each organization generates its own different types and volumes of data. Most experts advise that companies classify their data in accordance with their confidentiality requirements in an effort to add more security for increasingly confidential data. For instance, salary information within the organization, if leaked, can be externally damaging, but also very internally sensitive. That being said, there are other forms of data within the organization that really have no security concern at all, for instance, the mass memo stating that the north door of the facility will be under repair next Wednesday or the marketing director will be out of town the third week of next month. This brings us to the concept of tiered data storage. Once data
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Best Essays

    How To CIS 207 Week 3: Riordan New Proposal Project
    • 3105 Words
    • 13 Pages

    How To CIS 207 Week 3: Riordan New Proposal Project

    The department is responsible for educating and assisting in working through the company’s policy and in dealing with policy breaches. Data security, quality, and integrity are valued commodities for a business who wishes to continue to prosper and grow, but the improper handling can also easily jeopardize its future (Pratt, 2008). Riordan’s need to consolidate data that has been created offline and potentially could be out-of-date is a data manager idea of a horror story. Through the use of data management solutions that support transactions processing in one location supports a more secure and efficient high-volume business. What also need to be considered are the multinational laws that Riordan had to adhere to because of its global footprint; legal requirements relating to data vary by country. It would be remiss to overlook the security of employees within the company because security falls under the domain of human resources. To take a safer, smarter approach toward personnel security the proposal will also include recommendations for company badges. A badge policy would keep track of employees as they come and go plus alert employees to the presence of a visitor. Monitoring equipment should also be considered as this would be ideal for public gathering places to record any activity after hours by using a motion sensor…

    • 3105 Words
    • 13 Pages
    Best Essays
    Read More
  • Better Essays

    Kudler Fine Foods IT Security Report FINAL WEEK 5
    • 2101 Words
    • 8 Pages

    Kudler Fine Foods IT Security Report FINAL WEEK 5

    To properly secure an information system means protecting its files and other confidential information from misuse. The current speed of technological growth requires ever evolving security measures to follow these developments. As the members of Team “A” set out to address this need, it was necessary to discuss the requirements. The foundation of all concrete security plans require a detailed knowledge of all current systems, the tools needed to accomplish security needs and employee training. The implementation of these requirements will be outlined within a final Security Presentation.…

    • 2101 Words
    • 8 Pages
    Better Essays
    Read More
  • Satisfactory Essays

    NT2580: Unit 1 Match Risks/Threats to Solutions
    • 789 Words
    • 4 Pages

    NT2580: Unit 1 Match Risks/Threats to Solutions

    Data Classification Standards help Richman Investments to consistently define how this organization should handle and secure our various types of data. This report will focus on the internal use only data and how each of these domains are affected by these standards. Internal use only data refers to information that may or may not be confidential. It is imperative that our organization keep this information in house and away from the public and realize the Domains that need to be addresses with these rigid standards. The three standards that are at the top of the list for our company that will be directly affected are the User, Work Station, and LAN Domains.…

    • 789 Words
    • 4 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    9-Iron Country Club Case Study
    • 449 Words
    • 2 Pages

    9-Iron Country Club Case Study

    Data classification and security requirements – what measures will be implemented to protect the three states of data…

    • 449 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    Nt1330 Unit 3 Assignment 1
    • 801 Words
    • 4 Pages

    Nt1330 Unit 3 Assignment 1

    This report gives a brief description the general security solutions planned for the safety of data and information that belongs to the organization. The outline will provide elements of a multi-layered security plan, and will indicate a general security solution for each of the seven domains of a typical IT infrastructure. Also I will describe a layer of security for each of the seven domains.…

    • 801 Words
    • 4 Pages
    Good Essays
    Read More
  • Powerful Essays

    Nt1330 Unit 1 Assignment
    • 2207 Words
    • 9 Pages

    Nt1330 Unit 1 Assignment

    This paper gives an idea regarding the important aspects of the database security. It mainly focuses on the security parameters such as confidentiality, authenticity and availability of the data. It also explains the different threats for the security in an organization in relation to the database. The basic steps which are required to control the loss of data are explained in detail. Among the controls the encryption process is the one which has to be followed to control the access into an…

    • 2207 Words
    • 9 Pages
    Powerful Essays
    Read More
  • Good Essays

    BSA 375 Week 3 Individual
    • 793 Words
    • 3 Pages

    BSA 375 Week 3 Individual

    As with any other system, all data needs to be kept secure. Employee confidentiality is of paramount importance, particularly in a system that hold and utilizes potentially sensitive personal employee information. Moreover, seemingly innocuous information such as standards and procedures within the company also need to be kept secure. Any secure, sensitive, or proprietary information should be encrypted and password…

    • 793 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    NT2580 Project part 1
    • 606 Words
    • 3 Pages

    NT2580 Project part 1

    Safety of data and information is a real important aspect of a company. Before we can create an outline for general security solutions we must first define what is needed. I recommend that we use a multi-layered security plan. There are a total of seven domains of an IT infrastructure including user domain, workstation domain, LAN domain, LAN-to-WAN domain, WAN domain, remote access domain, and system/application domain.…

    • 606 Words
    • 3 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    PT2580 Unit 1 Assignment 2
    • 402 Words
    • 2 Pages

    PT2580 Unit 1 Assignment 2

    Classified data in this category is for internal use only. Any release which must be approved prior to releasing or disclosing. Outside the company Its compromise may inconvenience and aserious breech in trust and damage to the company. But this type of data is unlikely to result in a breach of confidentiality, loss of value or serious damage to integrity.…

    • 402 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    store and retrive information unit 219
    • 777 Words
    • 3 Pages

    store and retrive information unit 219

    Information that is stored in an organisation has to follow the security and confidentiality procedures. For example finances, customer’s and employee’s details should be secured and only certain members of staff should be able to access physical and electronic data unless you have been given authorisation. If information gets into the wrong hands it could have serious consequences and might lead to legal action.…

    • 777 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    BSA/310
    • 674 Words
    • 3 Pages

    BSA/310

    In business, an information security is a set of policies to protect the companies and small businesses infrastructure, physical, and information technology assets, and to ensure that information technology users within the domain of the companies and small businesses comply with the rules and guidelines related to the security of the information stored digitally at any network within the boundaries of authority. In short, it can protect data from the outside and even inside threat. The data and information, which the companies and small businesses have, are arguably the most important assets. They should ensure the data confidentiality, integrity, availability, non-repudiation, authentication, and authorization. Most small businesses and companies must have information security to ensure their business and information assets. Information security protects data and controls how it should be distributed within or without the businesses boundaries. This means that information should be encrypted and may have restrictions placed on its distribution to the third party. Information security should protect the data from the outside threats such as:…

    • 674 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    Inf/325 Week 3 Information Security Management
    • 801 Words
    • 4 Pages

    Inf/325 Week 3 Information Security Management

    Often Information Technology Directors overlook that information security is more of a people issue rather than a technology issue. We rely heavily on people’s awareness, ethics and behavior, and an understanding of what they want to achieve is essential to accomplish the goals of business. This includes the employees that deliver services and the customers that take advantage of them, as well as the senior executives that outline the budgets.…

    • 801 Words
    • 4 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    Unit 3 Assignment 3
    • 288 Words
    • 1 Page

    Unit 3 Assignment 3

    Data classification policy is important for securing data from risks, which includes unauthorized users, modification, disclosure, access, use, and removal. This is to ensure protection on data assets from unauthorized users. Data must be maintained in a secure, accurate and reliable manner and be available for authorized use. In order to implement security measures, the data must be classified into categories like; confidential, restricted, and public. Confidential and restricted will be required some sort of access mechanism to authenticate anyone who wants to access any classified documents. In order to construct a Classification policy, one must know what type of data are available, where they are located, what type of access levels are implemented and what protection level is implemented and does it adhere to compliance regulations.…

    • 288 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Good Essays

    business and administration unit 1
    • 2459 Words
    • 9 Pages

    business and administration unit 1

    Data protection: employees must know their personal data cannot be divulged to a third party and it has to be relevant and not exaggerated.…

    • 2459 Words
    • 9 Pages
    Good Essays
    Read More
  • Better Essays

    nvq 2 diploma confidentiality
    • 1407 Words
    • 6 Pages

    nvq 2 diploma confidentiality

    1.2Legal requirements and codes of practice: issues relating to the legal requirements for secure recording of information eg the common law duty of confidence, the legal requirements for accuracy of information and for information to kept up-to-date, obtaining personal data only for specific, lawful purposes and for personal data to be relevant and not excessive for its purpose; issues relating to the legal requirements for the secure storage of information eg the legal requirements that personal data should not be kept for longer than is necessary for its purpose, security measures to protect against the accidental loss, destruction or damage to personal data, legal requirements for the storage of electronic and manual data and access to secure information; issues relating to the legal requirements for sharing information eg…

    • 1407 Words
    • 6 Pages
    Better Essays
    Read More

Related Topics