7 Protecting your assets

 

This chapter covers

  • Identity and credential access management
  • The role of training in cybersecurity risk management
  • Best practices for data confidentiality and integrity
  • Resilience and security in technology infrastructure

Imagine your company data as a vault filled with gold. Data security is like a high-tech security system for that vault. It uses multiple layers of protection to keep the gold (data) safe from anyone who tries to steal it.

First, there are strict rules about who can enter the vault (access control). Then there are alarms, cameras, and even laser grids (firewalls, antivirus) to stop anyone who tries to break in. But what about the people who already have access (employees)? They need to be trained like security guards to spot suspicious activity (security awareness training).

Data security isn’t a one-time thing, either. The security system needs regular updates and maintenance to stay ahead of new threats. Just as a vault wouldn’t use outdated locks, your data security needs to be constantly improved.

In short, data security is a comprehensive strategy that protects your valuable information at every step, from when it’s stored (data at rest) to when it’s being used. Let’s dive deeper and see how each layer of the security system works!

7.1 Identity management, authentication, and access control

7.1.1 Authentication

7.1.2 Access control

7.1.3 Identity and credential management

7.1.4 Context-based identity proofing and credential binding

7.1.5 User, service, and hardware authentication

7.1.6 Identity assertion, protection, conveyance, and verification

7.1.7 Access permissions management

7.1.8 Physical access controls

7.1.9 Types of security controls

7.1.10 Identity management, authentication, and access control metrics

7.1.11 Identity and access management dashboard exercise

7.2 Awareness and training

7.2.1 Awareness and training metrics

7.2.2 Awareness and training metrics exercise

7.3 Data security

7.3.1 Data at rest

Summary