12. Determine Data Security Controls

An organization will select appropriate security controls to protect from disclosure or undetected alterations to data whether it is at rest, in use, or in transit. This can include passwords, backups, cryptography, etc.

Data at rest control examples are:

  • Encryption
  • Secure password management
  • Labeling removable media

Data in use and in transit control examples are:

  • End-to-end encryption
  • Link encryption
  • Monitoring and surveillance tools
  • Data Loss Prevention technology

Data disposal control examples are:

  • Data destruction/remanence
  • Erasure
  • Clearing
  • Purging
  • Degaussing

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create your website at WordPress.com
Get started
%d bloggers like this: