Download - Information awareness program
![Page 1: Information awareness program](https://reader035.vdocuments.net/reader035/viewer/2022062406/55923e971a28ab313f8b45e5/html5/thumbnails/1.jpg)
Approach to Information Security
Rahul Khattar
![Page 2: Information awareness program](https://reader035.vdocuments.net/reader035/viewer/2022062406/55923e971a28ab313f8b45e5/html5/thumbnails/2.jpg)
Setting the Agenda
• Making Information available to all users, is essential for the enterprise to conduct its business
• Leakage of such information may impact the organization adversely
Five step approach to make information available and secure
Information Location Classification Protection Audit Training
Approach to Information Security
![Page 3: Information awareness program](https://reader035.vdocuments.net/reader035/viewer/2022062406/55923e971a28ab313f8b45e5/html5/thumbnails/3.jpg)
Where does Information Reside?On File-Servers (FTP)Within DMSEmailsBackup TapesExtracts from BI toolsPrinter hard disk
This Information is shared withEmployees/ Vendors/ Partners/ Consultants/ Contractors/ Auditors
Removable media
Content Management
Shared folders
Desktops
Mobile devices
Backup
Laptops
Approach to Information Security
Information Location Classification Protection Audit Training
Recognize where information exists
![Page 4: Information awareness program](https://reader035.vdocuments.net/reader035/viewer/2022062406/55923e971a28ab313f8b45e5/html5/thumbnails/4.jpg)
ClassificationWhat is Information Classification?
It is the science to describe principles that need to be followed to protect information
It guides you on how and to whom you can distribute information with a particular classification
Why Classify?
Classification of information is essential for every business because without classification everyone treats the same piece of information differently, which could have major consequences
Approach to Information Security
Information Location Classification Protection Audit Training
Classified data helps to better define and implement protection policies
![Page 5: Information awareness program](https://reader035.vdocuments.net/reader035/viewer/2022062406/55923e971a28ab313f8b45e5/html5/thumbnails/5.jpg)
ProtectionWhat is Protection?Ensure that only legit users have access to the dataControl data with internal/external usersDefine and apply policies based on Classification
Why Protect?Protection enables the enterprises to manage the usage and consumption of its valuable data
Approach to Information Security
Information Location Classification Protection Audit Training
![Page 6: Information awareness program](https://reader035.vdocuments.net/reader035/viewer/2022062406/55923e971a28ab313f8b45e5/html5/thumbnails/6.jpg)
AuditAuditing Information UsageTrack all end user actions on protected information Generate and analyze reportsKeep a close eye on all your data that resides within or outside the organization
Why Audit Information Usage?To understand the Information consumption patternTo showcase the shortcomings of existing policiesTo fine tune “Control-Policies” for your confidential data
Approach to Information Security
Information Location Classification Protection Audit Training
![Page 7: Information awareness program](https://reader035.vdocuments.net/reader035/viewer/2022062406/55923e971a28ab313f8b45e5/html5/thumbnails/7.jpg)
End User Training
Why Train Staff?Helps enterprise define better control-policies on dataMinimize accidental misuse of informationEnsure technology platform is well accepted
Information Location Classification Protection Audit Training
What is TrainingEducate employees on Information UsageEnsure participation, role play for usersUsing email, standees, flyers, KM portalas a medium of knowledge transfer
Approach to Information Security
Training ensures User participation and acceptance
![Page 8: Information awareness program](https://reader035.vdocuments.net/reader035/viewer/2022062406/55923e971a28ab313f8b45e5/html5/thumbnails/8.jpg)
Data Flow Analysis is an activity to understand what is valuable information and which department holds it
It also helps in tracking the information and the consumption pattern & risk
Importance of DFA in building better policies
DFA maps the information flow for a particular business process
DFA clearly points out the security issues attached with a piece of information at different stages of its lifecycle
Approach to Information Security
DFA sharpens classification and protection policies on information
![Page 9: Information awareness program](https://reader035.vdocuments.net/reader035/viewer/2022062406/55923e971a28ab313f8b45e5/html5/thumbnails/9.jpg)
9
More Info?
www.seclore.com+91-22-6130-4200