Submitted By: Submitted To:
Amit Khare Professor J. Morabito
TABLE OF CONTENTS
INTRODUCTION……………………………………………………………………………….3
OBJECTIVES……………………………………………………………………………………3
GOALS…………………………………………………………………………………………..4
DATA SECURITY POLICIES………………………………………………………………….7
DATA SECURITY SERVICES…………………………………………………………………7
DATA SECURITY SOFTWARES………………………………………………………...……9
DATA SECURITY PRACTICES………………………………………………………………10
DATA ACCESS………………………………………………………………………………...11
DATA ERASURE………………………………………………………………………………12
PRINCIPLES OF IMPLEMENTATION……………………………………………………….13
TATA CONSULTANCY SERVICES………………………………………………………….15
HEXAWARE TECHNOLOGIES………………………………………………………………17
CONCLUSION………………………………………………………………………………….20
REFRENCES……………………………………………………………………………………21
INTRODUCTION
Data security management is a way to maintain the integrity of data and to make sure that the data is not accessible to unauthorized parties or vulnerable to corruption of. Data security ensures privacy in addition to providing protecting to data. Data itself is a raw form of information that is stored on network servers, possible personal computers and in the form of columns, rows and various other formats. This data can be anything from personal files to intellectual property and even highly confidential information. Data Security Management is the planning, development, and execution of security policies and procedures to provide proper authentication, authorization, access, and auditing of data and information assets. Effective data security policies and procedures ensure that the right people can use and update data in the right way, and that all inappropriate access and update is restricted. Understanding and complying with the privacy and confidentiality interests and needs of all stakeholders is in the best interest of any organization. Client, supplier, and constituent relationships all trust in, and depend on, the responsible use of data. Time invested in better understanding of stakeholder interests and concerns generally proves to be a wise investment. An effective data security management function establishes thoughtful governance mechanisms that are easy enough to abide by on a daily operational basis.
OBJECTIVES
Availability of resources
Integrity of information
Confidentiality of information
PURPOSE OF DATA SECURITY
A security policy is a formal statement as to how people can gain or be restricted access to an organization’s information and data. These policies define an overall security system for a corporation and must be put in place for every operation to define what different security goals are needed. Security policies must have the ability to be used long-term. In order for a policy to be flexible and used long term, policies must have different hardware and software solutions just in case any choices already made must change. The structure of a policy would include:
A statement of the issue that the policy brings to terms. A statement about each person’s individual position within the policy. How the policy adapts to your organization’s settings. The specific roles and responsibilities of those affected directly or indirectly by the policy. A statement on what level of compliance is necessary, and what levels are not.
To provide effective and economical directives for risk mitigation, security policies must be put in place. They should be based on a formal point of view, determined by management of a corporation. It must state similarly, that any confidential data is protected, made to be accessed by specific people, and cannot be compromised for its credibility will be placed at risk. Processing resources such as applications, networks and systems, hardware and software, do not have to be accessible at all times, but must authorized personnel must be properly identified