A comprehensive data security strategy incorporates people, processes, and technologies. Establishing appropriate controls and policies is as much a question of organizational culture as it is of deploying the right tool set. This means making information security a priority across all areas of the enterprise.
Physical security of servers and user devices
Regardless of whether your data is stored on-premises, in a corporate data center, or in the public cloud, you need to ensure that facilities are secured against intruders and have adequate fire suppression measures and climate controls in place. A cloud provider will assume responsibility for these protective measures on your behalf.
Access management and controls
The principle of “least-privilege access” should be followed throughout your entire IT environment. This means granting database, network, and administrative account access to as few people as possible, and only to those who absolutely need it to get their jobs done.
Application security and patching
All software should be updated to the latest version as soon as possible after patches or new versions are released.
Maintaining usable, thoroughly tested backup copies of all critical data is a core component of any robust data security strategy. In addition, all backups should be subject to the same physical and logical security controls that govern access to the primary databases and core systems.
Training employees in the importance of good security practices and password hygiene and teaching them to recognize social engineering attacks transforms them into a “human firewall” that can play a critical role in safeguarding your data.
Network and endpoint security monitoring and controls
Implementing a comprehensive suite of threat management, detection, and response tools and platforms across your on-premises environment and cloud platforms can mitigate risks and reduce the probability of a breach.