Protecting Sensitive Data
The Information Age has brought with it the ability to share, store, and transmit data with the click of a mouse. The risky part of this equation is that storage and transmission of sensitive data across computer systems can be difficult to protect, increasing the need for vigilance.
In the paper world, if a document is marked “Classified” or “Confidential”, we can easily protect it by placing it face-down on our desk when someone walks by that does not have a need to know, lock it in a file cabinet when it is not being used, or when needing to share use a courier or hand-deliver to the appropriate person, and finally when it is no longer needed we can shred it. We need to take these same precautions in the computer world.
Computer systems are complex. They can include operating system software, applications and programs, databases, hardware components, and networks. Each of these elements requires a different method for protecting the data. Adding to the complexity is the dynamism in terms of the way the systems and their parts interact and their requirement for frequent updates to fix bugs or protect against the latest hack attack. All of this collectively underscores the need for each of us to take responsibility to protect the sensitive data we handle.
If you ever have questions about the security of a system or an electronic document you are handling. In general, Information Security professionals suggest that protecting sensitive data requires a combination of people, processes, polices, and technologies.