CST 630 UMUC Data Loss Prevention Research Paper

User Generated

xnrxnl

Writing

CST 630

University of Maryland University College

CST

Description

The world of technology is changing at an unprecedented pace, and these changes represent business opportunities as well as challenges. Mass connectivity and faster speeds create opportunities for businesses to network more devices, complete more transactions, and enhance transaction quality. Internet Protocol version 6 (IPv6) and internet of things (IoT) are two such technologies that represent significant opportunities for strategic cybersecurity technology professionals to create lasting value for their organizations.

IoT is the phenomenon of connecting devices used in everyday life. It provides an interactive environment of human users and a myriad of devices in a global information highway, always on and always able to provide information. IoT connections happen among many types of devices—sensors, embedded technologies, machines, appliances, smartphones—all connected through wired and wireless networks.

Cloud architectures such as software as a service have further enabled big data analytics and improvement in areas such as automated manufacturing. Data and real-time analytics are now available to workers through wearables and mobile devices.

Such pervasive proliferation of IoT devices gives hackers avenues to gain access to personal data and financial information and increases the complexity of data protection. Given the increased risks of data breaches, newer techniques in data loss prevention should be examined.

Increased bandwidth and increased levels of interconnectivity have allowed data to become dispersed, creating issues for big data integrity. In such a world, even the financial transactions of the future are likely to be different—digital currencies such as Bitcoin may be used for some future financial transactions.

To survive and thrive, organizational technology strategists must develop appropriate technology road maps. These strategists must consider appropriate function, protection, and tamper-proofing of these new communications and transactions.

It will be impossible to protect data by merely concentrating on protecting repositories such as networks or endpoints. Cybersecurity strategists have to concentrate on protecting the data themselves. They will need to ensure that the data are protected no matter where they reside.

In this project, you will work with team members to compile a technology strategy plan for your organization to protect data throughout the company. This project will take about two weeks to complete. There are 10 steps in the project, which will include a 12- to 15-page report, slide presentation, and lab report. First, begin with the project scenario above, and then move to Step 1, where you will be assigned roles within your team and sign the team project charter.


Unformatted Attachment Preview

Project 5: Data Loss Prevention Start Here The world of technology is changing at an unprecedented pace, and these changes represent business opportunities as well as challenges. Mass connectivity and faster speeds create opportunities for businesses to network more devices, complete more transactions, and enhance transaction quality. Internet Protocol version 6 (IPv6) and internet of things (IoT) are two such technologies that represent significant opportunities for strategic cybersecurity technology professionals to create lasting value for their organizations. IoT is the phenomenon of connecting devices used in everyday life. It provides an interactive environment of human users and a myriad of devices in a global information highway, always on and always able to provide information. IoT connections happen among many types of devices—sensors, embedded technologies, machines, appliances, smartphones—all connected through wired and wireless networks. Cloud architectures such as software as a service have further enabled big data analytics and improvement in areas such as automated manufacturing. Data and real-time analytics are now available to workers through wearables and mobile devices. Such pervasive proliferation of IoT devices gives hackers avenues to gain access to personal data and financial information and increases the complexity of data protection. Given the increased risks of data breaches, newer techniques in data loss prevention should be examined. Increased bandwidth and increased levels of interconnectivity have allowed data to become dispersed, creating issues for big data integrity. In such a world, even the financial transactions of the future are likely to be different—digital currencies such as Bitcoin may be used for some future financial transactions. To survive and thrive, organizational technology strategists must develop appropriate technology road maps. These strategists must consider appropriate function, protection, and tamper-proofing of these new communications and transactions. It will be impossible to protect data by merely concentrating on protecting repositories such as networks or endpoints. Cybersecurity strategists have to concentrate on protecting the data themselves. They will need to ensure that the data are protected no matter where they reside. In this project, you will work with team members to compile a technology strategy plan for your organization to protect data throughout the company. This project will take about two weeks to complete. There are 10 steps in the project, which will include a 12- to 15-page report, slide presentation, and lab report. First, begin with the project scenario above, and then move to Step 1, where you will be assigned roles within your team and sign the team project charter. Deliverables • A Cybersecurity Technology Strategic Plan, about 12 to 15 double-spaced pages in a Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. There is no penalty for using additional pages. Include a minimum of six references. Include a reference list in your plan. • A set of about five to 10 narrated PowerPoint slides (written narration or in-class presentation can be substituted for audio/video narration) as an executive overview briefing that reflects the key elements of your team plan. Step 1: Create the Team Project Charter As described in the scenario, you will be working in a small team (usually five members). Your instructor has provided an area for your group discussions, collaboration, and file sharing. Take some time to learn about your teammates (introductions, LinkedIn profiles and bios) to understand the experience and expertise of the team members. Studies on teamwork outline the typical team stages of forming, storming, norming, and performing (see Tuckman, Bruce W. (1965), "Developmental sequence in small groups," Psychological Bulletin, 63, 384-399.) This guidance on teamwork may be helpful. In order to do well, you and your team members must start communicating or "forming" immediately and discuss how you will divide the work. Review the project and if you have portions of the work that play well to your strengths, make this known to your team members. Then develop a project plan and schedule to get the work done. Finally, agree on a communications plan, which allows your team members to know where the project stands. During this stage, you may have disagreements or differences of opinion about roles and division of work. This is a normal aspect of "storming." Once you start agreeing on roles and tasks, you are well on your way to "norming." You should settle on a collaboration space and share drafts of your work in your classroom team locker so your team members and the instructor can see the work progression. All team members must contribute, but the deliverables need to be cohesive. Therefore, each of you will need to review each other's work and help each other during the "performing" phase. While you may have to use collaborative tools outside the classroom, maintain the key documents in the respective team project locker in the classroom. Your team will use this area to establish ground rules for communication and collaboration. Team members will gain an overview of the entire project, establish roles, agree on the division of work, and complete and sign the Team Project Charter. If you sense problems during your team communications sessions, discuss risk management and project adjustments your team may need to make. If you sense trouble, contact your instructor and request intervention as soon as you recognize issues. After the plan is completed, elect one person to attach or link the final document to the team project locker. This step should have been completed early in the term between Weeks 2 and 4. Setting up the team roles and expectations is an important part of this project, and completing the charter is critical to the project's success. When you have completed this important step, move to the next step, where you will select the devices and technologies that will be useful for your company. Step 2: Select Devices and Technologies By now, you have an idea of your team members and your role on the team project. Now, it's time to get the details about the devices and technologies needed to be included in the Strategic Technology Plan for Data Loss Prevention. You should limit the scope of this project by selecting a set of devices and technologies that are most appropriate for data loss prevention for your business mission and future success. Based on your prior knowledge of your company and based on the project roles you agreed upon in the previous step, perform independent research on the following topics and identify a set of devices and technologies that you propose for your company, and your business rationale for selecting them: • IPv6 • internet of things (IoT) • data loss prevention that covers: o data loss prevention o big data analytics o big data integrity o blockchain o data obfuscation o data masking o operational context/context-aware security o data tokenization o tamperproofing o data governance Your team plan should include significant detail about these technologies, including what kinds of IoT devices will be appropriate for the company's use. During your research, you should also see if there might be any issues for integration and implementation, which you will consider in greater detail in a later step in the project. When you've finished detailing the proposed devices and technologies, move to the next step, where the team will outline its goals on how the devices and technologies will ensure the company is prepared for future vulnerabilities. Step 3: Develop Goals and Objectives You and your team members have outlined the proposed devices and technologies for the data loss prevention plan. Next, focus on the organizational mission and develop a set of goals and objectives to show how your set of chosen devices and technologies will help your company prepare for the future. Include a discussion for deploying, maintaining, and securing these devices and technologies. This section of the team plan should also include a discussion on the devices and technologies' impact to the existing company infrastructure and security. When you've completed this section, move to the next step, where you and your team members will conduct a detailed analysis of each device and technology. Step 4: Prepare a SWOT Analysis Table You've identified the technologies and devices, and listed the goals and objectives for their use in the organization. In this step, you will justify adding these devices and technologies to the network infrastructure. In order to do this, perform a strengths, weaknesses, opportunities, and threats (SWOT) analysis of each device/technology being introduced into the infrastructure. A SWOT analysis is a framework that allows you to identify internal and external factors that can affect the implementation of new technology. Such a process can be helpful for decision making and strategic planning. Look at internal and external factors that could influence the successful introduction with respect to the company specific business model and operations. Internal factors are the strengths and weaknesses you found. External factors are the opportunities and threats identified during the SWOT analysis. Determine what these are. Address the following questions in your discussion: • How do they influence the operation and maintenance of the network? • What can be done to overcome these factors? As cybersecurity professionals, you and your team members should stress security-related analysis and create a SWOT chart that includes internal and external factors. This chart and the overall analysis should be a significant part of the Strategic Technology Plan for Data Loss Prevention. In the next step, you and your team members will consider any issues that might come up when you integrate and implement the new devices and technologies. Step 5: Address Integration and Implementation Issues The team has now completed the SWOT analysis and chart. In this step, consider integration and implementation issues you anticipate when you introduce the new devices and technologies network. Integration issues are problems that can arise when you try to implement them into the infrastructure. These include incompatibility issues with existing software and databases, operating systems, network routers, or switches and communications protocols. You will need to address legacy devices in the infrastructure that could cause problems with your implementation. Such devices may have older technologies and can stop working in the new environment or be unable to communicate with these new systems. You may also encounter some infrastructure issues to consider. Include such issues in your discussion. You may want to revisit some of the early research you conducted earlier in the project when you considered the devices and technologies that would be appropriate for the Strategic Technology Plan for Data Loss Prevention. Include the integration and implementation section in your team plan. Then, move to the next step, where you and the team members will update a data-flow diagram and consider other devices and systems that you worked on earlier in the course to be used as part of this project. Step 7: Plan People, Process, and Data Governance Issues You and your team have completed the lab where you updated the company's data-flow chart with the various systems. In this step, you will consider some overall issues for implementation. People, process, and data governance are some of the most important aspects of deploying technology. During this step, think about what processes might already be in place and what changes will be required by the introduction of the new devices and technologies. Think of governance, personnel changes, hiring, and training requirements for users and systems administrators. Determine any gaps or shortcomings that will need to be addressed now or in the future. Think of what accommodations are needed to handle the new technology being deployed in the network. This is an important aspect of the Strategic Technology Plan for Data Loss Prevention. When it's complete, it's time for the team members to complete the report. Step 8: Finalize the Report Now that the sections of your Cybersecurity Technology Strategic Plan have been addressed and developed, you and your team members must compile, review, edit, and proofread all parts of the plan as a team and determine if there are any other challenges to address. Consider the following: • Have you missed discussing some key impact to the organization and its network infrastructure? • In the future, what will the organization need to do to meet its goals and objectives? • How will your organization ensure continuous improvement? • Are there any roadblocks? • How can they be overcome? Your plan should be about 12 to 15 double-spaced pages, submitted as a Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. There is no penalty for using additional pages. Include a minimum of six references. Include a reference list in your plan. Provide a one-page executive summary at the beginning of the paper. In the next step, you and your team members will work on the team presentation. Step 9: Develop the Team Presentation In the previous step, your team completed the plan and executive summary. Now, you will prepare to present your plan to the executive team in an engaging and professional manner. To do this, compose an asynchronous presentation using a set of about five to 10 PowerPoint slides. Your presentation should be a high-level executive overview that reflects the key elements of your team plan. Carve out the presentation so each team member has an opportunity to present for about five or six minutes. When this step is complete, move along to the final step, where you will submit all the components of your project assignment. Step 10: Submit Your Report and Presentation In this final step, a single member of the team can submit all components of the assignment on behalf of the entire team. Make sure all team members have reviewed the materials before submission. You will need to submit the following: • A Cybersecurity Technology Strategic Plan, about 12 to 15 double-spaced pages in a Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. There is no penalty for using additional pages. Include a minimum of six references. Include a reference list in your plan. • A set of about five to 10 narrated PowerPoint slides (written narration or in-class presentation can be substituted for audio/video narration) as an executive overview briefing that reflects the key elements of your team plan. Running head: PROJECT 5 LAB REPORT 1 Project 5 Lab Report University of Maryland University College PROJECT 5 LAB REPORT 2 Project 5 Lab Report PCAP analysis lab report in order to identify potential vulnerabilities and attacks in internet of things (IoT) and SCADA systems. With content inspection it’s possible to observe unencrypted, clear-text data and potentially abuse that information to conduct man in the middle attacks or enumerate information such as firmware, passwords, commands, etc. Scope  Lab environment provided by UMUC  PCAP files of IoT Device and SCADA systems  Identification of interesting packet data and their associated potential vulnerabilities Objectives and Assumptions Objectives include successfully using Wireshark to inspect PCAP files for potentially malicious activity and/or vulnerabilities that exist in the traffic between IoT devices (Amazon Echo) and SCADA devices. Assumptions include known devices that are provided by the UMUC lab instructions indicating specific IP addresses and devices. The setup includes one end workstation with Wireshark installed. Today in History Alexa The laptop/Wireshark (200.150.0.107) connects to WeMo 2 (200.150.0.103). The laptop continues to search for other devices. WeMo 1 (200.150.0.102) finds it as well. An unfamiliar IP, 192.168.211.1, also makes a connection. The laptop runs the setup for WeMo 2 and 1, in that order. When the setup.xml data is requested from a WeMo, all information pertaining to the device is transferred over a TCP connection in plaintext. This includes model number, serial number, mac address, unique device name (UDN), and the firmware/firmware version being run. PROJECT 5 LAB REPORT 3 This presents a security threat as this information can be used to gain control of the WeMo devices. Lab Devices On/Off Alexa The primary IP addresses present in this PCAP are 200.150.0.107 (The laptop/Wireshark), 65.202.58.62 (a Microsoft web service?), and 40.97.155.18 (Outlook.com), WeMo2 (200.150.0.103), and WeMo1 (200.150.0.102). Most of the traffic is sent from 65.202.58.62 to 200.150.0.107 following GET requests. All the data transfers appear to be coded. At one point 200.150.0.107 establishes a TLS connection with 40.97.155.18 and exchanges certificates. Ciphers change periodically. At number 748, the laptop performs a search (Bluetooth?) and finds WeMo1 and WeMo2. Like the previous file, the laptop performs a get request and the WeMo1 transfers all device information in plain text. Presumably this is when the laptop tells WeMo1 to turn on. WeMo2 has the same exchange shortly after. The laptop reconnects to Outlook for a short time before turning off WeMo1 and 2, in that order. Afterwards the computer continues transferring data from Outlook, which is encrypted. Recommendations It is our recommendation that both IoT devices and SCADA devices should implement secure encryption on all network traffic where applicable. It is demonstrated that unencrypted data can lead to man in the middle attacks as demonstrated by the Advantech PCAP file where a Modbus vulnerability was identified and a man in the middle attack was performed. Authentication should also play a part by using a centralized authentication server. PROJECT 5 LAB REPORT 4 PCAP Analysis Screenshots Micro Logix Record Number 41736: Vulnerability Plain Text command PROJECT 5 LAB REPORT 5 Record Number 41735: Vulnerability Plain Text command Record Number 39812: Vulnerability Plain Text command PROJECT 5 LAB REPORT 6 Record Number 38911: Vulnerability Plain Text command Modicon Record Number 2: Vulnerability Illegal Address Exception PROJECT 5 LAB REPORT 7 Record Number 2794: Vulnerability RST, ACK Reset Record Number 1433: Vulnerability Read-Holding Registers WinXP PROJECT 5 LAB REPORT 8 Record Number 1551: Vulnerability Using SMB v1 with Negogiation Erorrs Record Number 22382: Vulnerability Plain Text commands Advantech PROJECT 5 LAB REPORT 9 Record Number 307: Vulnerability Man in the middle attack PROJECT 5 LAB REPORT 10 PROJECT 5 LAB REPORT 11 PROJECT 5 LAB REPORT 12 PROJECT 5 LAB REPORT 13 PROJECT 5 LAB REPORT 14 Conclusions PCAP analysis indicates that there are opportunities to identify sensitive data and even perform attacks against systems when data is not encrypted or authenticated. Continuous monitoring or use of an IDS may assist in preventing attacks or unauthorized access. Use of port security protocols might prevent attempts to sniff packet data.
Purchase answer to see full attachment
Explanation & Answer:
10 Pages
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Please view explanation and answer below.Kindly find the attached answers, and explanation.

Running head: DATA LOSS PREVENTION
1

Data Loss Prevention
Name
Institutional Affiliation

DATA LOSS PREVENTION
2

Data Loss Prevention
Introduction
There are continuous changes that are happening in the field of technology as of today
both because of the continued advancements in technology by the people which is posing both
advantages and risks to organizations. The increase in the number of internet users and the
fast speed of the internet has enabled both businesses, and the people to join the new internet
wave (UMGC, 2021). My company is investing in mass connectivity and data loss prevention.
We have been tasked with compiling a technology strategy plan to install IPv6, internet of
things (IoT), and data loss prevention techniques that will include data governance,
Blockchain, data masking, tokenization, data obfuscation, and more as detailed within the
report to prevent the loss of data for our company. This report covers a strategy plan for the
organization to protect data throughout the company. This report is accompanied by a power
point presentation which is an executive briefing to management. The report will also be
accompanied by Lab results of each individual member of the team.
Devices and Technologies
The term data loss prevention (DLP) refers to a set of procedures ensured by
organizations to make sure that their sensitive organization data is not lost hacked by an
authorized individuals. According to Groot (2020), there are many technologies that help in data
loss prevention. These technologies monitor organization’s networks, data sharing, company
data in the cloud, and all other data forms.
Internet Protocol Version 6 (IPv6)

DATA LOSS PREVENTION
3

IPV6 is the latest version of the Internet Protocol (IP) developed. The data protection
software was developed to replace the old version of IPV4. IP is communications means which
enables technological devices to locate and connect together online. IPv6 identifies IP addresses
from 32 bits to 128 bits, thus ensuring the visibility of computer network addresses regardless of
physical boundaries. IPv6 identifies a larger number of IP addresses with the help of 128-bit
addresses. This large extension of IP address identification enables scalability and it further
ensures strong data security as it guarantees scanning of the host server which makes it tricky for
attackers to hack. Sophos (n.d) says that IPv6 contains an integrity check list that helps to check
the integrity of logging in users, and a running end-to-end encryption in its virtual private
networks. These features are available for all connections and supported by well-matched
systems and devices. This encryption makes it difficult for hackers to now hack into the
computers system. For example, we will use the Secure Neighbor Discovery (SEND) protocol
which ensures that the cryptographic authorization of the hosting server is indeed authentic.
Internet of Things (IoT)
The internet of things (IoT) describes the practice of linking technological devices used
in information sharing in everyday life from home devices, corporate to industrial devices. The
Internet of Things enables individuals, corporates, and businesses to easily share information in
what is referred to as today’s global village (UMGC, 2021). The connections of IoT involves
different forms of technological devices which among others include embedded technologies,
sensors, smartphones, and computers that are linked together using both wireless, and wired
networks. While using the Internet of Things, architecture in the Cloud for example the use
software allow big data analytics and improve activities like automated manufacturing. The

DATA LOSS PREVENTION
4

UMGC (2021) notes that real-time analytics, and data can now be accessible to workers using
mobile devices like phones, and wearables.
Using low-cost computing, big data, the cloud, mobile devices, analytics, and users can
gather, and share information with little to no human intervention. In today’s digital world,
technological devices are able to monitor, record, and change every communications between
connected things. With IoT, hackers can hack into computer systems and misuse the information
of individuals or companies while an authorized. Given that there are many technological
devices connected to the internet today, there is no doubt that misuse of personal or company
information is possible. According to Paloalto, (2021), there are measures that can be
implemented to secure IoT devices in an enterprise. These include the application of tools that
can identify the visibility of hackers, using network segmentation to guarantee data safety, and
adopting strong password practices, continuing to patch and always updating the company’s
firmware, always actively monitoring IoT devices and using strong encryption like WPA2 for
Wi-Fi. In addition, setting up guest network for guests, using multi-factor authentication,
changing default settings are measures that can also be taken to secure IoT devices (Norton,
n.d.).
Data Loss Prevention
According to Proofpoint (2021), data loss prevention (DLP) ensures users do not send
sensitive or critical information outside the corporate network. DLP describes software products
that help a network administrator control the data that users can transfer. The good news with
many of the data loss protection software’s is that they use business data management
regulations that are designed to protect critical and important organizational information not for

DATA LOSS PREVENTION
5

hackers or ineligible users to access it. Like many other firms, we are implementing DLP to
prevent any imaginable insider risks of data breaching by our very own team members
(Takebayashi et al., 2010). As a result of the dispersion of data in different geographic regions,
and the intricacy of today’s internet data hacks, more superior, and sophisticated data loss
prevention software’s are being invented. In relation to our case, DLP strategies will focus on
data safety, and not the enterprise networks or storage endpoints. Today, Information technology
is certainly the basis for all successful businesses. Yet again, IT is prone to security breaches of
data by both internal and external members (Choi, Kaplan, Krishnamurthy, &, Lung, 2019). That
said, the safety of company information is thus an important consideration to take into account
by everyone business in today’s business environment.
Authentication is one of the information system's security principles. This helps to
prevent unauthorized people from having access to an institution's services. Password
authentication based on smart cards is one of the easiest and most common ways of
authentication. Smart cards are also identity carriers that contribute fully to safeguarding access
through high authentication of two-factor models. There are sensitive places in the company t
and about the business world for instance which call for high security of the stored information.
These could include the company’s strategic future plans, marketing plans, intellectual properties
of the organization, and top level decisions that the company intends to implement in the future.
That is, the system must choose who and what service can access (Norton, n.d). Each user can
use an exclusive phone app system. In view of our company, the telephone app-based system
will include personal data and its role on the platform (IT technicians, or administrator,
managers, and employees). Services do however necessitate an adequate level of safety.

DATA LOSS PREVENTION
6

The Multifunctional Smartphone App-based architecture is another technological tool
that can be used in data prevention. This data loss prevention digital App relies on public key
infrastructure technologies for smart devices to guarantee data protection through authentication
and real-time access to several users using different levels of classification. Public Key
Infrastructure (PKI) is a complete structure that requires uses to indicate their digital signatures
as well as public key encryption (Venafi, 2020). This uses the standard ISO 7498-2 for open
systems security architecture. The electronic signature is a strong and individual identity that
makes use of the PKI technology. Non-renewal, authentication, and integrity is possible in the
process of the electronic signing course. The electronic signature will be made up of more other
features including an electronic certificate. Moreover, the credential allows the signatory to be
authenticated, and a certifying authority is signed (CA). The certificate is saved in this approach
in the user's phone app. The smartphone app-based system is used to authenticate the user by
having a private key remaining exclusively utilized by the owner.
Google Authenticator
Authenticator is a Google software-based authenticator that implements a two-stage
verify using a Time-based One-time Password Method (TOTP) for the verification of software
application users, a one-time password algorithm, and a one-time HMAC (HOTP) (GitHub,
2020). It produces a six to eight-digit one-time password which users can input in addition to
their usual login data when logged into a site that support Authenticator, or use an Authenticatorsupported third-party program such as password managers or file hosting services. If a Trojan
compromises the computer that is used for the login procedure, then a Trojan can collect the
username, password and once password.

DATA LOSS PREVENTION
7

Big Data Analytics
Big data refers to large sums of data which is not stored in our daily storage databases for
capturing, managing, and processing of the data. The common examples of big data are high
variability, large volume, and high speed. Big data analytics uses strong data analytic methods
against large, diverse big data sets that include structured, semi-structured and unstructured data,
from different sources, and in different sizes from terabytes to zettabytes (IBM n.d.). The data
tool will thus be helpful to us as regards ensuring the safety of large sums of our company’s data
in particular.
Blockchain
Blockchain is a shared, unhampered ledger that enables the recording of business
transactions as well as monitoring of chattels in a network of business. According to IBM (n.d),
all valuable assets and/or information can be monitored and transacted via the Blockchain
technology with minimal risks and costs charged. The faster and more accurate a business
receives information, the better. Blockchain is preferred for transmitting information since it
offers immediate, shared and completely transparent information stored on an immutable ledger
that can be accessed only by permissioned network members (IBM, n.d.). Blockchain technology
is commonly being used in healthcare facilities, and other business settings to make sure there is
privacy, integrity, and privacy of patient records. In relation to our business setting, Blockchain
technology will be used in the transfer of our clients’ information to ensure its safety.
Data Obfuscation and Data Masking
The term data obfuscation explains the practice through which data important data is
hidden while keeping a few features for use. The expression "data obfuscation" and "data

DATA LOSS PREVENTION
8

masking" are always used together. However, data masking equally means obfuscation if it is
used for testing aims (Xplenty, 2021). As a result, we need to hide some of our organizational
data from hackers, more so our important organizational data or and information relating to our
team members, and other stakeholders for data security reasons and compliance with the laws
that govern data protection.
Data Governance
According to Informatica (2013), data governance is a process that involves the
continued monitoring for the use and storage of data, where it is stored, the reliability of the data
and as well as maintaining its importance to the intended users. Under data governance, we will
make sure that only data with integrity is input into intelligence engines and data analytics for the
making of high-value data-informed decisions.
DLP systems confront numerous obstacles in protecting sensitive data from loss, which
might render the system ineffective. Leaking channels, the human aspect, access rights,
encryption and steganography, data manipulation, scalability and integration, and data
classification are all examples of these (Takebayashi et al., 2010). Implementing a general
method and value proposal for DLP based on the assessment of the risks of data loss with an IT
knowledgeable...


Anonymous
Just the thing I needed, saved me a lot of time.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Similar Content

Related Tags