Key Data Security Implementation Questions
- What data requires protection?
- What data is unnecessary?
- What data should be segregated?
- Who currently has access to sensitive data? Do they really need access?
- Who will require access to sensitive data in the future?
- Will a data vault reduce the data footprint?
- Can the business systems work with encrypted data?
- Can the business systems work with surrogate (tokenized) data?
- Will systems require any modi?cation to work with protected data?
- Will performance be optimal to support business needs?
- Can a data security framework be built to support the business as a service?
- Will data tokenization meet business needs?
- Will introducing tokenization or encryption technology reduce the risk of data exposure?
Reference
- Insecure Issue 28 - Successful data security programs encompass processes, people, technology by Abir Thakurta