The Importance of Data Inventory
This month, we are focusing on Control #3 from the Center for Internet Security. Following up on the hardware and software inventory, this control focuses on data inventory. Every organization should understand:
Where your data is stored
Which data is considered sensitive
What permissions are applied
Who has access
How long data is retained
Similar to a hardware inventory, the idea here is that you cannot successfully protect your data unless you know where it is, and who has access to it. This is why sensitive data on end-user devices should be encrypted and securely disposed of when no longer needed.
Finding and targeting data that can be ransomed or sold is the job of every hacker and threat actor on the internet. By limiting where your data is stored and how long you retain it, you shrink that target and are better able to defend it against security breaches. CHTS is happy to assist you with your organization’s data inventory. Call us at 719-264-1384 and ask to speak to your Team Manager.