Educause Security Discussion mailing list archives
Re: centralized storage of sensitive data
From: reflect ocean <reflect.ocean () GMAIL COM>
Date: Wed, 1 Jul 2009 09:29:59 -0500
We are building policy for sensitive data manipulation which leads us to a stage where we are evaluating available and affordable solutions to the risk of sensitive digital document manipulation.The goal is to protect sensitive information such faculty docs from leaking by implementing data loss controls. Answering your question:both. Based on this, we are looking for a solution that protects data by offering a centralized encrypted storage and an encrypted tarnsference to the central storage device as well. We have also considered to encrypt this sensitive data from the beginning of its elaboration (i.e local encryption in the PC) but we are just starting to explore solutions. I'm aware of windows server platforms offer some sort of encrypted file server storage but i'm not sure if that includes encyrpted transference from the pc to the file server. Thanks On Wed, Jul 1, 2009 at 9:12 AM, Theresa Semmens<Theresa.Semmens () ndsu edu> wrote:
Your request is bit confusing - are you looking for solutions to encrypt just the storage (resting data), or the transference of data, or both? If it is both, you are wanting to discuss different solutions for different issues. Will you be encrypting e-mail as well? What about the workstations where the data will be manipulated - will they be considered in the protection of sensitive data? Do you have a policy and procedure in place that will provide oversight and governance for this project? Without policy and procedure, you will run into a lot of problems. This must be your first step in protecting data. I have to question if you are considering all of the situations and issues for confidential data protection. Theresa Semmens, CISA Chief IT Security Officer North Dakota State University IACC 210D PO Box 6050 Fargo, ND 58108 Phone: 701-231-5870 Fax: 701-231-8541 Theresa.Semmens () ndsu edu "Opportunity is missed by most people because it is dressed in overalls and looks like work." Thomas Edison -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of reflect ocean Sent: Wednesday, July 01, 2009 9:01 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] centralized storage of sensitive data We are planning to implement a solution to storage sensitive data which must include encryption and auditory of each access.Storage of information should be centralized and transfer of data across network also should be encryted. I've reviewed some solutions from McAfee and Sophos.If anyone has any recommendation or any other consideration to implement , please let me know. Thanks
Current thread:
- centralized storage of sensitive data reflect ocean (Jul 01)
- <Possible follow-ups>
- Re: centralized storage of sensitive data jeff murphy (Jul 01)
- Re: centralized storage of sensitive data Theresa Semmens (Jul 01)
- Re: centralized storage of sensitive data reflect ocean (Jul 01)
- Re: centralized storage of sensitive data Theresa Semmens (Jul 01)
- Re: centralized storage of sensitive data reflect ocean (Jul 01)