Question

The main threats that physical security components combat are theft, interruptions to services, physical damage, compromised systems and environment integrity, and unauthorized access. However, the information held within the equipment may be much more valuable than the equipment itself.

Which controls we choose to use to mitigate risks to our information depend not only on the value we assign to that information, but also on the dynamic state of that information. Our data exists in one of three states: at rest (like hard disk drives & backup tapes), in motion (like over the internet or network), and in use (like in our RAM).

You work for a large corporation (like Home Depot, Target, Costco, Bank of America, Walmart, etc.) as a security professional. Choose one of these companies and one of these data states (data at rest, in motion or in use). Identify 10 data security controls for that data that you would implement at your company. Always state your references (textbook or internet).

Your initial post should be 100-150 words and reply with a quality question to 2 classmates for full credit.

Answer 1

Hi,

Please find the answer below:

-------------------------------------

Bank Example:

Data security controls to implement in a bank to protect from data threats are:

Password management: Bank organization should implement strong password policy for the bank employees who have access to confidential information.

Data Encryption: Bank data should be encrypted with strong encryption algorithm and keys. All data communication should happen on HTTPS (secure) .

Authentication: Bank organization should implement multi factor authentication for user authentication. For example, one-time password (OTP) for user’s mobile device during the bank portal login.

Authorization: deals with granting data to authenticated users who have access to.

Audit Trails: Application server audit trail records.

Biometrics Access: Biometrics deals with securing bank development centers, office premises with physical characteristics of bank employees, users etc.

Fingerprint access, retina scans etc.

Data Replication in Data Center: Bank data should be replicated on different data centers to avoid accidental data loss.

Digital Signatures/Certificates: Electronic document used for online identity.

Firewall Protection: Bank network ops team should install Firewall to protect the Bank network from intrusion attacks.

Role based access control: Important decisions based on data should be taken as per the roles of the bank organization.

-----------------------------------------

Hope this helps.

Thanks.