Professional Documents
Culture Documents
Objectives:
Understand and apply the recommended guidance pertinent to how to manage the data
lifecycle through your daily practice as an information security professional.
External Resources:
=====================
The process of managing information, following the life of data from the moment
it’s first created and stored, up to the time it gets archived or destroyed when
it stops being useful.
NOTE: Because the difference is just one of scope, any ILM system inherently
includes a data lifecycle management framework as its core.
Think of DLM as the set of governing principles that defines and automates the
stages of useful life, and determines prioritization. In more simple terms, data
lifecycle management is the catalyst that pushes data from one stage to the next,
from creation to deletion. It’s a system designed to answer the question:
DLM deals with entire files of data, while ILM is concerned with what’s in the file.
ILM seeks to ensure every piece of datum included in a record is accurate and
up-to-date for the useful life of the record. In the context of ILM, even
metadata becomes particularly important.
DLM is not concerned with the individual pieces of data within a given record, just
with the record itself.
Under the principles of DLM, as a record passes through defined lifecycle stages, it
becomes more and more obsolete. As a result, speed and accessibility are no longer
prioritized for stale data.
NOTE: Both DLM and ILM should form critical aspects of an organization’s overall
data protection strategy.
1. Data Creation - The first phase of the data lifecycle is the creation/capture
of data. Data is typically created by an organization in one of 3 ways:
Data Acquisition: acquiring already existing data which has been produced
outside the organization
Data Entry: manual entry of new data by personnel within the organization
2. Storage - Once data has been created within the organization, it needs to
be stored and protected, with the appropriate level of security applied, which
includes classifying it for easy retrieval and determining access controls. For
example, files can be marked as “internal” or “external,” which then decides
how tight of a lid it needs to be kept under.
NOTE: A data archive is simply a place where data is stored, but where no
maintenance or general usage occurs. If necessary, the data can be restored to
an environment where it can be used.
Having a clearly defined and documented data lifecycle management process is key
to ensuring Data Governance can be carried out effectively within your organization.
NOTE: A good DLM strategy offers redundancy that can ensure data stays safe in
the event of an emergency. It also helps to ensure that customer data is
safeguarded from being duplicated in different parts of a data infrastructure, where
security may be a concern.
http://www.oecdprivacy.org/
3. Data Controller - Determines the purpose(s) for which and the manner in
which data is to be processed
4. Data Processor - "Managers of all" ; they process the data on behalf of the
Data Controller and the following SPECIFICALLY:
. Adherence to appropriate and relevant data policy and data ownership guidelines
Data remanence - the residual representation of digital data that remains even
after attempts have been made to remove or erase the data
• Destroy - renders Target Data recovery infeasible using state of the art
laboratory techniques & results in the subsequent inability to use the media
for storage of data.
Techniques:
Overwriting - one or more streams of 1's & 0's in a "random" pattern one or
more times
SSD vs HDD
Cloud data - encrypt data while in storage and use ==> upon exit crypto-shred
remaining data