Aug 19, 2020
Data Is the Crown Jewel
Information is the oil of the 21st century, and analytics is the combustion engine.
The data can be either your data or the company’s data or that you have the responsibility for someone else’s data. Do you know where your data is? Do you know who owns your data? Is your data protected? Is that protection enough for them? Probably you may not understand why they collect your data. If it is so your data in danger. So be careful whenever you deal with your data. There are so many outsiders waiting to access your data and make them useful for unauthorized actions. If the data is in the wrong hands, you are in danger.
To prevent or avoid that kind of malicious activities, first, you should know what my data and what type of data included as my private data? So, data privacy depends on how that piece of data relating to your personal. Relatively the importance can differ. Data privacy is one of the most important topics when it comes to the cybersecurity industry.
How data can be protected?
This post will help you to find out how we should protect our data and some tips to do that. As the very first step, you should aware of what is the confidential data I have? Confidential means the data would be accessible only for authorized parties. As the second step, you should be aware of who is going to access my data and which data are they accessing for which purpose. As the third step, you should apply the access control mechanisms on your data.
As an organization data is the crown jewel of the company, some other third party can own those data to keep the company’s reputation. The third party’s data should be store securely. To keep and store data securely as organizations you can use an appropriate policy or regulations. As examples HIPPA, GDPR, PCI-DSS. Not only these policies but also proper access control mechanisms and data categorizations, user authentication mechanisms also should be there to avoid and prevent from malicious activities.
Let ‘s focus on what are the access control mechanisms that can be used to secure data and how policy implementations make an impact on securing personal data like payment card details and general data.
When considering securing Payment card details Payment Card Industry Data Security Standard is the main regulation. The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards formed in 2004 by Visa, MasterCard, Discover Financial Services, JCB International and American Express. Governed by the Payment Card Industry Security Standards Council (PCI SSC), the compliance scheme aims to secure credit and debit card transactions against data theft and fraud.
GDPR compliance also regarding protecting general data. The General Data Protection Regulation (GDPR), agreed upon by the European Parliament and Council in April 2016, will replace the Data Protection Directive 95/46/ec in Spring 2018 as the primary law regulating how companies protect EU citizens’ data. Companies that are already in compliance with the Directive must ensure that they are also compliant with the new requirements of the GDPR before it became effective on May 25, 2018. Companies that fail to achieve GDPR compliance before the deadline will be subject to stiff penalties and fines.
Why are there so many policies for securing data? Because data is the most valuable asset, even in an organization or a person. Think before you relieve your data to another party, are they supposed to keep my data securely? or am I responsible for keeping the privacy of the data? ;)
Written By/Sachitha Gunarathna -4th Year 2nd Semester -Cyber Security Student SLIIT
