Operational Methods of an Organization Ensuring the Safety of Data
01. USE OF PASSWORDS AND PIN NUMBERS
A password is a secret code provided to a system to access its resources. Passwords and pin numbers are provided to an individual to deter any unauthorized access.
02. USER ACCESS LEVEL
This is a process by which the system administrator gives separate accounts with different access rights for each user to protect sensitive data from unwanted audience. Each user in the system is given a set of resources to access the system depending on his/her nature of the job he does. In most cases, the top management are given access to confidential data and employees are given access to filtered and limited data.
03. USING FILE ATTRIBUTES SUCH AS READ ONLY, HIDING ETC.
Most systems provide features such as hiding data or changing file properties to Read Only. This move ensures that original files are not tampered with or altered to change meaning.
04. DATA ENCRYPTION
Encryption is a secure process for keeping personal and confidential information private. It is a process by which bits of data are mathematically coded using a password key/encryption key. The encryption process makes the data unreadable unless or until decrypted using decryption key known only by the user.
05. USE OF BIOMETRIC SYSTEMS
A biometric system is an automatic identification system based on matching of biological features to authenticate a system to respond. Examples include: finger prints recognition, facial recognition, eye recognition, DNA recognition, voice recognition, palm recognition etc.
06. DATA BACKUP
Backing up data is making copies of data from the original file and saving it somewhere else which may be used to restore the original after a data loss event.
07. SECURITY QUESTIONS/STAMP
This is a data security measure that ensures the system authenticate after the visitor answers a number of questions correctly as was provided during signup.
08. SECOND LEVEL AUTHENTICATION PROCEDURES
This security measure lets the system authenticate after a secret code has been provided which is sent through a third party system such as email or SMS but belonging to the user as was provided during signup.
09. USE OF reCAPTCHA TECHNIQUE
This is a Technique in data security that tests whether the system user is human or bot.
10. USE OF ANTI-MALWARE/ANTI-VIRUS SOFTWARE
Installing anti-malware or antivirus ensures that the system is not corrupted from malicious software made by hackers to harm or eavesdrop information from the organization.
Related searches on Data Security and Controls form 2 Level