Academic journal article The Journal of Government Financial Management

Inventorying Data Is the First Step in Protection

Academic journal article The Journal of Government Financial Management

Inventorying Data Is the First Step in Protection

Article excerpt

It's Monday and you get to work early to begin your day. While sipping your morning coffee, the first email you open is from the CIO asking for suggestions on how the organization can best protect hosted data.

You immediately begin to draft your list. What should be first? Data encryption? Strong passwords? Secure the network with firewalls? Physical security controls? Anti-virus software? Continual data backup? Segregation-of-duties controls?

There are many ways to protect data; foremost, consider how to avoid compromising sensitive data under your control. I suggest the first item on the list should be establishing a full understanding of the data you are trying to protect, and only hosting the "right" data.

Organizations often have large databases with dozens of tables and thousands of individual fields. The information may have come from several distinct sources or could be the result of data accumulated over the years by one application. The compilation might include individuals' name, address, phone number, email address, age, gender and income, and even highly sensitive fields such as Social Security and credit card numbers. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.