Almost all business companies want their data should be secure but most of them still don't have the data security policy.
Developing data security policy document is a serious task and one should properly assign to develop this document.
Higher Management motivation is very important because they will decide either policy is implementable or not and what action will be taken if someone not follow the policy.
A person who took the responsibly to develop the data security policy should be capable to understand the business areas, current culture of company, review the audit observation report if any, good understanding of data security.
While developing the data security policy document first identify the main areas that need to be secure. Usually following areas identifies and explain in the policy document.
Server Security
All Servers should be kept in secure server room. Only authorize person will allow to access the server room. Log will maintain for those enter in the server room. All servers should be patched and anti-virus software will install. Maintain the list of software's that are installed on the servers. Role of Server and it configuration list will be maintain.
Network Security
New user fills the password issuance form with approval of their department head. If user no more required to access or login in the system then his / her account will be deactivated. User log will be maintained. User will not share their password. Password should be strong. Password must be change after 90 days. Unnecessary ports will not open. Firewall will be implemented. Only Database administrator is authorized to access the database.
Data Backup
Data will be backup daily / weekly / monthly Monthly and weekly backup must be complete backup. (Week usually start on Monday) Daily backup may be incremental or complete depend on requirement. Log will maintain for backup. Authorize person should take the backup. Backup media should be reliable and kept in safe and secure place. After three month backup should by restore for verification.
Data backup is really important in order to maintain the security of data. But if encounter data loss problem data recovery services can help in getting back it.
ReplyDeleteData security is the top issue in all the companies and organizations. In order to secure the data from a number of potential risks several tools and software's are available in the market. When choosing one of them it is advised to review all the options and features to make the best choice.
ReplyDeleteelectronic signature
vCloud Tech’s backup and disaster recovery services upload all your organizational data to the secure server so you can access your organizational data with just a few clicks..
ReplyDelete