Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd
Upload
3 views

Key data security strategies to implement in 2021

Uploaded by

ochandadon
Copyright
© © All Rights Reserved
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
3 views

Key data security strategies to implement in 2021

Uploaded by

ochandadon
Copyright
© © All Rights Reserved
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 2

Key data security strategies to implement in 2025

It is vitally important to implement a world class data security strategy,


which incorporates cybersecurity specialists, all non-technical staff, up to
date processes and leading edge cybersecurity technologies and solutions
including cloud-based offerings. In order to have effective controls and
policies one must align the organizational culture in order to have the
appropriate organizational mindset. This means making information security
a priority across all areas of the enterprise while augmenting the same with
physical security.

Below are the key building blocks of a robust data security strategy:

1. Biometric Access control of the data center, servers and key network
components
2. Access management and control of the use of CPE’s including laptops
and phone
3. Application security and patching of OS and middleware software
4. A robust Backup and replication policy and practices
5. Regular Employee Cybersecurity Awareness Training
6. Network Access Control and endpoint security

1. Physical security of servers and user devices


There are options to store your data on-prem, in a private cloud or in
the public cloud. Regardless of the option you chose, you need to have
adequate fire suppression measures and climate controls in place (for
on-prem situations. You also need to secure your key facilities against
attackers. A cloud provider assumes responsibility for these protective
measures on your behalf but their implementation is dependent on your
policies which must be developed in-house and provided to the Cloud
Service Provider.

2. Access management and controls


It is advisable to follow the principle of “least-privilege access”
throughout your entire IT environment. This means granting database,
network and administrative account access to as few people as possible
and strictly on a ‘need to know basis”.

3. Application security and patching


For applications, the most advisable thing to do it update all software to
the latest versions as soon as these become available from the vendors
and for patches or the release of new versions immediately they are
published to avoid being exposed to vulnerabilities.

4. Backup and Replication Policies


Maintaining usable and regularly tested backup procedures of all critical
data is a core component of any robust data security strategy. In
addition, all backups should be subject to the same cyber security
controls that govern access to the primary databases and core system
otherwise they become a loophole through which a hacker can gain
access to key organizational data.

5. Regular Employee Cybersecurity Awareness Training


Regular Cybersecurity awareness training transforms your employees
into “human firewalls”. Teaching them the importance of best practice
when it comes to cyber security and the need to maintain the set
password maintenance policies and training them to be aware of
loopholes and areas of potential attacks can be vital in safeguarding
your data.

6. Network and endpoint security monitoring and controls


Implementing a comprehensive Network Access Control (NAC) and a
robust suite of threat management, detection and response (EDR) tools
in both on-prem and cloud environments can lower risks and reduce the
chance of a breach.

In conclusion, data security is not a one-time exercise but rather a


continuous process that required proactive policies, practices and the
engagement of all staff as well as our cloud service provider.

You might also like