Security must also be maintained while the data is being transported over the network. The process of transferring data must be in itself secure. Users that store or retrieve data must be authenticated, sometimes using strong authentication mechanisms. In addition Access control must ensure that users only take appropriate action, and that only authorized actions are carried out.
Auditing is required to ensure that a detailed history of activities can be reviewed and validated
A sophisticated user management scheme along with strong authentication capabilities is essential. Access control must allow the ability to departmentalize the data and the access to it, and detailed logs auditing and tracking of every activity must be available.
As data transfer is an essential part of a larger business process, it is critical to be able to validate that this step in the process was executed correctly. This requires the solution to provide auditing features, data integrity verification and guaranteed delivery options.
Itís always comforting to know that there is still some honesty in the business world when we hear about Pepsiís action in alerting their main competitor. But I guess we have to accept that this is the exception rather than the rule; so whoís deciding today whether to alert you to the fact that your corporate jewels are being hawked around, or are they just accepting that fate has dealt them a favourable hand.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.