Data Protection


  • When protecting data, tailor security measures and controls to:

Data Protection Methods

Geographic Restrictions involve limiting access to data based on specific geographic locations.

  • ensures that data is accessible only from approved regions
  • common use case
    • comply with data protection laws and regulations
    • cloud platforms or third-party datacenters may need to enforce geographic restrictions to specify where their data can be stored and processed

Encryption converts data into a coded format that can only be accessed or deciphered with an encryption key or password.

  • protects data confidentiality

Hashing involves converting data into a fixed-length string of characters using a hashing algorithm.

  • used to verify data integrity and securely store passwords

Masking involves replacing sensitive data with fictional or partially concealed values while preserving the format and length of the original data.

  • prevents exposing sensitive information
  • often used to hide sensitive data fields and password characters entered into forms

Tokenization replaces sensitive data with a randomly generated token while securely storing the original data in a separate location.

  • Tokens have no meaningful value
    • reduce the risk of unauthorized access or exposure of sensitive information
  • use case
    • payment processing systems
    • sensitive payment card information is replaced with a randomly generated token
    • token is used to represent the payment card data during transactions
      • the token is stored in the system’s database
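
The masking and tokenization notes above, side by side on one card number. This is an added example, not part of the original notes; TokenVault, mask_pan, the "tok_" prefix, and the sample order record are hypothetical names, and the card number is a constructed test value.

```python
import secrets


class TokenVault:
    """Hypothetical in-memory stand-in for the separate, access-controlled store."""

    def __init__(self):
        self._by_token = {}  # token -> original value (lives only in the vault)
        self._by_pan = {}    # original value -> token (so one card gets one token)

    def tokenize(self, pan: str) -> str:
        # Reuse an existing token so repeat transactions reference the same card.
        if pan in self._by_pan:
            return self._by_pan[pan]
        token = "tok_" + secrets.token_hex(16)  # random, not derived from the PAN
        self._by_token[token] = pan
        self._by_pan[pan] = token
        return token

    def detokenize(self, token: str) -> str:
        # Only the vault can map a token back; unknown tokens raise KeyError.
        return self._by_token[token]


def mask_pan(pan: str, visible: int = 4) -> str:
    """Hide all but the last `visible` digits, keeping length and separators."""
    to_hide = max(sum(c.isdigit() for c in pan) - visible, 0)
    out = []
    for c in pan:
        if c.isdigit() and to_hide > 0:
            out.append("*")
            to_hide -= 1
        else:
            out.append(c)
    return "".join(out)


def demo():
    pan = "4111 1111 1111 1111"  # constructed test card number
    vault = TokenVault()
    # The application database holds the token and a masked display value,
    # never the card number itself.
    order = {"order_id": 1001, "card_token": vault.tokenize(pan),
             "display": mask_pan(pan)}
    return pan, vault, order


if __name__ == "__main__":
    print(demo()[2])
```

The masked value keeps the original format and length but cannot be turned back into the card number, while the token can be resolved, but only by a caller with access to the vault.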

Obfuscation involves modifying data to make it difficult to understand or reverse engineer without altering functionality.

  • uses
    • to protect source code intellectual property
    • prevent unauthorized access to critical details
  • e.g.,
    • data masking, data type conversion, and hashing

Segmentation is a method of securing data by dividing networks, data, and applications into isolated components to improve sensitive data protection, limit the impact of a breach, and improve network security.

  • helps restrict access based on user roles, privileges, location, or other criteria
  • use case
    • healthcare systems or electronic health records (EHRs)
    • Patient data is categorized and segmented based on various factors

Permission restrictions involve controlling access to data based on user permissions.

  • ensures that only authorized individuals or roles can view, modify, or interact with specific data elements
  • reduces risk of unauthorized access, data breaches, or accidental misuse