Journalists know that a well-written news story should answer these six questions: Who, what, when, where, why and how? As it turns out, they’re just as crucial for infosec pros to consider when protecting information assets. Who owns the data? What is the best way to encrypt it? When should you do a data audit? Where is the data located, onsite or in the cloud or both? Why is one type of data classified differently from another? How can you ensure confidentiality, integrity and availability are continually maintained?
In this Security School, based on (ISC)² CISSP training material on Domain 2 of the exam, learn about various data encryption methods, the ins and outs of data ownership and best practices for securing enterprise data. In his tip and video, expert Adam Gordon discusses core principles of what the CISSP categorizes as Asset Security in Domain 2. Information asset protection requires a nuanced, thoughtful approach that takes all stakeholders and requirements into account, Gordon explains.
Once you've reviewed the parts of this Security School, take the quiz to see how much you have learned about data encryption methods and what it means to practice good data management.
View our Security School Course Catalog to view more lessons.
CISSP® is a registered mark of (ISC)².
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Understanding data encryption methods, data ownership and more
You wouldn't secure the front door of your home with a bike lock and then give every neighbor a spare key. Similarly, securing data requires a careful approach that is tailored for the discrete needs of different stakeholders and use cases.
CISSPs must lead the way in driving good data management, which begins with defining data ownership and access policies. Learn more in this video with infosec expert Adam Gordon. Continue Reading
Data protection does not have a one-size-fits-all solution. Understand which encryption tools and methods best fit different scenarios. Continue Reading
Domain 2 of the CISSP exam, known as asset security, covers data security control, classification, ownership and more. Test your knowledge with this 10-question practice quiz. Continue Reading