This chapter provides an overview of data security controls and data handling using a high-level illustration. Data can exist in different states in an organization. It can be in e-mails, stored on a USB stick, printed on paper, or spoken in conversations. Hence, in any of these states, appropriate security controls are necessary to protect such information assets.
The following topics are covered in this chapter:
Critical data that may require CIA safeguards can exist in different states and reside in multiple locations in your corporation. Data can be in motion, as in e-mails, or data can be at rest, as in databases, or data can be in use, as in laptop or portable devices. Security controls are required to protect the data in any state or location. However, protection mechanisms vary depending on the data state.
Observe the following illustration: