Custodian
Custodian: In the context of information security, a custodian is an individual or organization responsible for safeguarding data or an asset, ensuring its confidentiality, integrity, and availability. They are typically tasked with implementing the policies and procedures established by the data owners and maintaining the technical environment to secure the information. They may handle tasks […]
Data at Rest
Data at Rest: Refers to inactive data that is stored physically in any digital form, such as databases, data warehouses, spreadsheets, archives, tapes, or off-site backups. It contrasts with data in transit or data in use. Protecting data at rest typically involves encryption and access controls to mitigate the risk of unauthorized access or data […]
Data Classification Scheme
Data Classification Scheme: A structured framework used to categorize data based on its level of sensitivity, importance, and legal obligations. Such schemes allow organizations to effectively manage and protect their data by setting rules for access, storage, and transfer and ensuring that adequate protective measures are applied consistently throughout the organization’s data ecosystem.
Data Classification
Data Classification: The process of organizing data into categories for its most effective and efficient use. Classification helps manage risk by applying appropriate controls based on the sensitivity and value of the data. It typically involves categorizing data as public, internal, confidential, or secret to guide users on how to handle and secure it. Proper […]
Data Contamination
Data Contamination: The process by which data becomes corrupt or tainted due to the introduction of erroneous, misleading, or irrelevant information. This can happen through human error, data integration issues, or malicious activity, such as a cyber-attack. Contaminated data can lead to inaccurate analyses, misguided business decisions, or compromised machine learning models. In cybersecurity, it […]
Data Controller
Data Controller: An individual, organization, or entity that determines the purposes and means of processing personal data. In the context of privacy laws, such as the GDPR, data controllers have specific legal obligations regarding the handling of data, including ensuring its protection and privacy, responding to data subject’s rights requests, and reporting data breaches. They […]