12. Data handling, retention, and storage Flashcards

1
Q

Data handling, retention, and storage

Data Handling

A
  1. Only trusted individuals should handle data
  2. Policies should be in place - how, where, when, why
  3. Logs should show the above metrics

  • Administrative control
  • Feeds back to the “need to know” Who accessed the data, did they have a good reason to do so?
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Data handling, retention, and storage

Data Storage

A
  1. Where is sensitive data kept
  2. Secure, climate controlled facility, geographically distance location

  • When there is a disaster, the tapes are safe from
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Data handling, retention, and storage

MTD

A

Maximum Tolerable Downtime

  • If MTD is 4 hours, it takes 2 hours to restore but 3 hours for backup company to deliver the tapes, this is past the MTD
  • Disaster Recovery Plan factors in. Testing, walk through, realisations of possible problems
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Data handling, retention, and storage

Backup Company - Collecting tapes

A

Reliable & Bonded

  • Whomever collects must understand the liability
  • Insurance must be in place if the tapes are lost
  • Documented list of people whom can collect the tapes
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Data handling, retention, and storage

Data Retention

A

Should not be kept beyond;
1. period of usefulness
2. legal requirements

  • HIPAA or PCI_DSS may require certain retention - 1, 3 ,7 years or indefinitely
  • Each industry has its own regulations
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Data handling, retention, and storage

Credit Card Processing

A

Log of Transaction
NOT actual transaction

  • If your business accepts credit cards but are not a credit card processor
  • Once data is handed off to credit card processor, business needs to get rid of it
How well did you know this?
1
Not at all
2
3
4
5
Perfectly