Thursday, May 16, 2013

Data Protection Pointers

eWeek recently posted a slideshow describing several suggestions for planning a data protection policy in a Hadoop framework. The pointers apply to other data environments as well:
  1. Account for data protection in the planning phase of the project. Take compliance and privacy concerns into account in the initial design and architecture.
  2. Identify data elements that need special protection. What compliance or liability concerns apply to those elements?
  3. Does the application need access to the complete, raw data set? Can the data be masked, obfuscated, or desensitized?
  4. What encryption requirements do you have? What encryption solutions are available? Do they interoperate with the authentication methods in the environment?
  5. Establish standards. It will be easier to keep all the data safe if it is kept in standard templates.

CIO Magazine estimates the value of a data breach at $184-$330 million. Given the cost to an organization's recommendation, there is a business imperative in placing adequate resources and thought behind protecting the data in our custody.

No comments: