Data Mitigation & Whitelisting/Blacklisting - Week 8
Data Mitigation
Data breaches are becoming a common occurrence, many believe it is not a matter of if, but when it will happen.
Some ways to mitigate damage are:
Reporting the breach - By law, organisations have 72 hours to report a breach since the day that it happened, the company must report what type of data has been breached, how they breach occurred, how many people are affected, and steps the organisation is taking to recover from the breach.
Notify Individuals - Organisations have to notify individuals if the breach poses a risk to natural living persons, data subjects should be notified and advised of some steps they can take to mitigate damage themselves, such as: changing passwords and monitoring suspicious activity on their accounts.
Prepare for the Future - Organisations should use the information gathered to respond to the breach to investigate further to see what security improvements could be implemented.
What is Whitelisting & Blacklisting?
Whitelisting and blacklisting are two methods of controlling access.
Whitelisting - simply blocks all connections and resources, the administrator would allow specific programs/addresses individually to access them or provide access to others, this method might be more suitable for smaller networks that have fewer resources that need to be accessed, as it would be time consuming constantly allowing programs or addresses for new users.
Blacklisting - Blacklisting works the opposite, it allows all connections and resources, making the administrator block unwanted connections or software applications, making it easier to manage and scale for bigger enterprises.
In summary, Whitelisting provides a higher level of security as it blocks all connections by default, but it requires more intensive management. On the other hand, Blacklisting offers easier management but lower security. The choice between the two depends on the size of the network and the importance of the systems and data that need to be secured
Comments
Post a Comment