Look at the data in two forms - At Rest & In Motion, once you understand these two concepts it will make complying with the DPS so much easier. The two forms of data need to be handled in very different ways, but both have very different compliance requirements as well which should also be addressed (HIPAA, PCI, FIPS 140-2..........)
At Rest Data
Data at Rest can be stored in many different places and many different forms, this makes having a blanket Standard virtually impossible and would never work for all the different compliance requirements. This is why they need to create a base level of protection and then the different industries can then add their own additional layers of protection.
In Motion Data
Data in motion happens all around us on so many devices and in so many ways, making a standard policy to handle it impossible as there are new devices added all the time. Maybe one day a hacker will use google glass to hack your network, until that happens we need to do more with data at rest and lock down how people can share the data. Once the data is locked down data in motion security becomes so much easier and manageable.
Data in motion happens all around us on so many devices and in so many ways, making a standard policy to handle it impossible as there are new devices added all the time. Maybe one day a hacker will use google glass to hack your network, until that happens we need to do more with data at rest and lock down how people can share the data. Once the data is locked down data in motion security becomes so much easier and manageable.
Focus on the Data At Rest that is where everything can be fixed.
No comments:
Post a Comment