Domain 2
- Data acquisition -> Data in Use -> Data archival -> Data disposal
Government / Military | Private Sector |
---|---|
Top Secret (grave damage) | Confidential (grave damage / trade secrets etc.) |
Secret (serious damage) | Private (credit card info etc. / could cause damage) |
Confidential (some damage) | Sensitive (company restricted, only used by a subset of employees) |
Sensitive but unclassified | Company confidential (used only by employees) |
Unclassified | Public |
- objects have labels / subjects have clearance!
- not used
- encrypted
- being transferred on a network
- encrypt network traffic
- we are using the data
- clean desk policy, print policy etc.
- only trusted individuals
- logs should be in place (audit)
- geo distant / climate controlled / secure
- should not be kept beyond the period of usefulness.
- regulations may apply
- senior exec who makes policies
- Management level, they assign labels and backup frequency
- approve access request
- day-to-day tasks
- techs who do backups, restores, patches
- follow the directions of the data owner
- monitor security, maintain accessibility
- Ensuring data integrity (CIA)
- select security controls
- data-center / infrastructure manager
- create and manage sensitive data
- processors manage the data for controllers (outsourced payroll)
- responsible for firewalls / IPS and IDS
- responsible for user behavior and assets created by users
- needs to inform the security administrators if there are any changes
- need to access the data
- user awareness
- follow instructions and policies
- responsible for reviewing and confirming our security policies are implemented correctly
- Remanence: data left over after removal
- ROM
- PROM, EPROM, EEPROM, PLD
- RAM
- SRAM, DRAM, SDRAM
- Flash Memory
- USB Stick
- SSD Drive
- combination of EEPROM and DRAM
- cannot be degaussed
- Paper
- shredding -> cross shredding!
- Digital
- delete (removed, but recoverable)
- format (same as delete, but writes new file structure, still recoverable)
- overwrite (write zeros or random data over the data)
- sanitization (remove data to a point where recovery is infeasible for a given level of effort)
- purge (remove data to a point where recovery is not feasible at all)
- degaussing (apply strong magnetic field)
- scoping
- determine which portion of a standard we will deploy
- tailoring
- customizing a standard
- certification
- protection profile is appropriate for the data it stores
- meets the security requirements set by the data owner
- accreditation
- data owner accepts the residual risk and the certification