Decide on a Data Handling Approach
This article applies to: Security Essentials for IT Professionals
Data discovery and cleanup is much more than simply deploying a data discovery tool and reacting to its search results. Other necessary components include:
- An understanding of local business processes.
- Unit- or department-level confidential data handling and retention practices.
- Causes of stale confidential data.
- Data discovery tool capabilities.
- Typical scan process.
Confidential data is an important part of many campus business processes. People in particular roles and environments may handle it regularly and may need to retain recent work materials for a reasonable period of time.
Understanding what confidential data is and what it’s used for will help to determine what data to retain and how to secure it, as well as how to securely remove non-essential data.
Ongoing Data Hygiene
Where data must be retained, in place, for ongoing use, departments should create a plan for good data hygiene, including a regular process to search for and remove data that is no longer needed.
Removing Confidential Data Securely
Confidential data to be destroyed should be securely erased from its original location. Where entire hard disks, CDs/DVDs, or thumb drives must be erased, several options exist; see Best Practices for Media Destruction.
Storing Confidential Data Securely
If you keep confidential data, it must be stored securely in one of the following ways.
- Move data to a properly secured server environment
- Move data that needs limited ongoing access to CD or DVD
- Encrypt in place
Move Data to a Properly Secured Server Environment
- Advantages: Server environments may be easier to secure and monitor than individual computers. When files containing confidential data are in a central location, it may be more efficient to access common files, monitor, scan, and continue to evaluate the necessity to retain the confidential data.
- Disadvantages: It's necessary to define and scrupulously apply access rights for groups of people to ensure files are only accessible according to business need.
- Caveats: File sharing and off-campus access must be done over an encrypted network protocol. VPN is recommended where the server itself can’t provide this functionality.
Move Data Needing Limited Ongoing Access to CD/DVD
For confidential data where the need for ongoing, easy access is marginal, offline storage may be desirable. You may copy old files to CD, DVD, or an external hard disk, then store that media in a locked location such as a file cabinet. Then securely remove the original data from the computer. (See Best Practices for Media Destruction.)
- Advantages: The data is truly off-line and beyond the reach of Internet attacks.
- Disadvantages: Frequent access, or access by multiple people, may be time-consuming. It is easy to lose track of confidential data stored this way. Loss of media may present an even greater risk to the university than simply encrypting the data or storing it on a central file server.
- Caveats: A good inventory and a plan for eventual destruction are essential with this approach.
Encrypt in Place
Some environments and business processes may be suited to take advantage of encryption.
- Advantages: Encryption of each file, one by one, offers the best protection against loss or compromise.
- Disadvantages: This is the least convenient method because each file may require its own password. The necessary password management and key escrow can be difficult. Other challenges include compliance with University Policy 5.3.
- Caveats: Storing confidential data in an encrypted container or volume requires a high degree of vigilance and offers less protection than encrypting each file individually. Encrypting an entire hard disk offers the greatest convenience but only protects against theft or loss of the computer.