CIS Control 03: Data Protection

Key Takeaways for Control 3 At the heart of a strong data management plan is awareness surrounding the ‘ Five Ws’ of the enterprise’s data: What data does the enterprise store or handle? Who should have access to it? Where is it stored or accessed? When should it be deleted? Why does it need protection? A comprehensive data management plan incorporates the answers to these questions with policy decisions and incident response procedures. Knowing what data an enterprise produces or consumes, as well as being able to classify it based on sensitivity, are the keystones of such a plan…

This article has been indexed from Blog RSS Feed

Read the original article: