Keep your Information safe in your Computer & Mobile, Lesson 29

Data is classified into - Internal Use

Examples
Data must be protected to prevent loss, theft, unauthorized access, and unauthorized disclosure.
Data must be protected by a confidentiality agreement with a Third Party before access is provided to the latter.
Proprietary data must be stored in a closed physical location (e.g., filing cabinet, office, warehouse, or department where controls are in place to prevent disclosure) when not in use.
Data must not be posted on any public website.
Data must be destroyed when no longer needed, subject to the Group Data Retention Policy. Destruction of data can be in any of the following ways:
- Hard copies of documents containing confidential or proprietary information must be destroyed by shredding them or another approved process that destroys the data beyond recognition or reconstruction. Electronic storage media containing classified information must be appropriately sanitized by degaussing and physically destroying same.
Deleting files or re‐formatting media containing data in electronic format is NOT an acceptable method of destroying confidential or proprietary data.

Care Required
Data must be adequately protected to prevent loss, unauthorized access, and/or unauthorized disclosure.
Data must be appropriately destroyed when no longer needed, subject to the Group Data Retention Policy.
This type of information must not be made public nor posted on any public website.


Thanks for Read,
Please "SHARE" our post that your friends can read and learn and "COMMENT" us so that we can make our blog beautiful.

Please Follow us.
Facebook Profile
Twitter
Google+
facebook Page
Youtube
E-mail

Keep your Information safe in your Computer & Mobile, Lesson 28

Data is classified into - Confidential or Proprietary

Examples
Business Policies and Procedures.
Business partner information not covered by a restrictive confidentiality agreement.
Internal organizational charts.
Audit planning documents.

Care Required
Data must be protected to prevent loss, theft, unauthorized access, and unauthorized disclosure.
Data must be protected by a confidentiality agreement with a Third Party before access is provided to the latter.
Proprietary data must be stored in a closed physical location (e.g., filing cabinet, office, warehouse, or department where controls are in place to prevent disclosure) when not in use.
Data must not be posted on any public website.
Data must be destroyed when no longer needed, subject to the Group Data Retention Policy. Destruction of data can be in any of the following ways:
 -Hard copies of documents containing confidential or proprietary information must be destroyed by shredding them or another approved process that destroys the data beyond recognition or reconstruction. Electronic storage media containing classified information must be appropriately sanitized by degaussing and physically destroying same.
Deleting files or re‐formatting media containing data in electronic format is NOT an acceptable method of destroying confidential or proprietary data.


Thanks for Read,
Please "SHARE" our post that your friends can read and learn and "COMMENT" us so that we can make our blog beautiful.

Please Follow us.
Facebook Profile
Twitter
Google+
facebook Page
Youtube
E-mail

Keep your Information safe in your Computer & Mobile, Lesson 27

Data is classified into - Strictly or Highly Confidential

Examples
Content of Audit Reports.
Personnel, Executive/Top Management Information.
Data identified by government regulation to be treated as confidential, or sealed by order of a court of competent jurisdiction.

Care Required
When stored in electronic format, highly confidential data must be protected with minimum level of authentication such as the application of strong password usage convention.
Access to highly confidential data must be recorded/logged, tracked, and regularly monitored.
When stored on mobile devices and media, protection and encryption measures provided through mechanisms (e.g., access/password controls and 128 bit encryption) approved by the Head of the IT Department must be employed. Data must be stored in locked physical storages like drawers, rooms, or warehouses or areas where physical access is controlled by
security guards, cipher locks, biometric controls, and/or card readers. Highly confidential data must be strongly encrypted when being transferred electronically to any entity outside of the Group.
When sent via fax, this type of data must be sent only to a previously established and already used/tested address or one that has been verified as using a secured location.
Highly confidential data must not be posted on any public website.
Data must be destroyed when no longer needed, subject to the Group Data Retention Policy. Destruction of data can be in any of the following ways:
- Hard copies of documents containing classified information must be destroyed by shredding the documents or another approved process that destroys the data beyond recognition or reconstruction.
- Electronic storage media containing classified information must be appropriately sanitized by degaussing and physical destruction.
- Deleting files or re‐formatting the media containing data in electronic format is NOT an acceptable method of destroying Strictly or Highly Confidential data.
The Data Owner must immediately be notified if Strictly or Highly Confidential data is accessed without proper authorization, lost, disclosed to unauthorized parties or is suspected of being lost or disclosed to unauthorized parties, or if any unauthorized use of Group information systems has taken place or is suspected of taking place.


Thanks for Read,
Please "SHARE" our post that your friends can read and learn and "COMMENT" us so that we can make our blog beautiful.

Please Follow us.
Facebook Profile
Twitter
Google+
facebook Page
Youtube
E-mail