BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Identify and maintain ownership of data: A guide for CISSPs
CISSPs must lead the way in driving good data management, which begins with defining data ownership and access policies. Learn more in this video with infosec expert Adam Gordon. Watch Now
Journalists know that a well-written news story should answer these six questions: Who, what, when, where, why and how? As it turns out, they’re just as crucial for infosec pros to consider when protecting information assets. Who owns the data? What is the best way to encrypt it? When should you do a data audit? Where is the data located, onsite or in the cloud or both? Why is one type of data classified differently from another? How can you ensure confidentiality, integrity and availability are continually maintained?
In this Security School, based on (ISC)² CISSP training material on Domain 2 of the exam, learn about various data encryption methods, the ins and outs of data ownership and best practices for securing enterprise data. In his tip and video, expert Adam Gordon discusses core principles of what the CISSP categorizes as Asset Security in Domain 2. Information asset protection requires a nuanced, thoughtful approach that takes all stakeholders and requirements into account, Gordon explains.
Once you've reviewed the parts of this Security School, take the quiz to see how much you have learned about data encryption methods and what it means to practice good data management.
View our Security School Course Catalog to view more lessons.
CISSP® is a registered mark of (ISC)².