Blog

, , ,

Breaking Down the Best Practices & Tools for Data-Centric Audit and Protection (DCAP)

by Ellen Zhang

“DCAP is a term which integrates DAM and DAP protection strategies on…”

Sensitive information, such as operational and customer data. The DCAP model focuses on data classification and discovery, storage of sensitive information, security governance and policy management, protection, monitoring, and audit functions, behavior analysis, and alerting and blocking. Starting with data classification, it is critical to begin properly categorizing the data to understand what is sensitive data versus what is not sensitive data. Once the data is classified, the storage model should be highly controlled and encryption protected. The goal is to protect the data before a breach could ever occurs. The governance model should allow the data to be protected without hindering the user’s ability to leverage the data. Therefore, when implementing a protection, monitoring, behavior analysis, alerting and blocking model for the data, the user’s focus on data usage should be taken into account at all times. Data protection, monitoring, and audits should be based on best practices focusing on the following:

  • Real-time monitoring and visualization of an enterprise security model
  • Audit capability to validate data access, security events, and protocols are being implemented and followed throughout the organization
  • Data access control for internal and external resources based on a security role model
  • Proper data classification and storage strategy which properly identifies sensitive versus non sensitive data and applies the correct security models

As Featured On: