Now this next section is a pretty broad topic. Unauthorized user access. So ultimately, we're either looking at an unauthorized user attempting to access or unauthorized user attempting improper access, right?
So it's not just keeping the bad guys from outside out.
It's making sure whether with or without malicious attempt intent, our internal users don't misuse mishandle Miss access its I'm pretty. I'm pretty sure miss access is not a word. But I think you get the gist of what we're going for here. So
water some ways that we can protect our data from unauthorized access
Will data classification now classifying data in and of itself doesn't protect, but the fact that data that a classification
a gratification policy should include a means to classified data, yes, but also to protect based on its value,
strong authentication already mentioned a little bit multi factor
information rights management, something that we haven't talked about the whole lot. And ultimately, what we're looking to do there is embed permissions into the file rather than making it dependent on the operating system. And by the way, we'll look at each of these in war death encryption. Are you talked a little bit. Talk a little bit more here,
then something is very common. Obfuscation. Anonymous ation, token ization and masking those four items air very frequently used so that internal employees don't know too much information. Also making sure that external
entities you know don't have access to more than they need us. Well,
DLP systems data loss prevention focus on data exfiltration from the network.
Let's be able to detect it.
TPM is a trusted platform module that's a chip built on the motherboard. If you're aware bit locker technology, it uses TPM
anti malware. What is the best way to deal with malware?
I don't get it. Just don't get it on the best ways to not get it is toe have anti malware? Not foolproof, but it's certainly a big start,
proper treatment or Saturday sanitization at the end of the data life cycle. Yes, making sure that when we're done with the system or a device, we don't just, you know, throw it on the storage pile or, you know, send it out for recycling purposes
that we make sure that we cleanse sensitive information from these devices
You know, watching who has access, what degree of access or process is being followed or the process is effective.
So all of these were gonna come together to help us protect data, whether it's at rest or use the says data storage. But really, some of these can protect
um data, even beyond storage.