Data-In-Motion (DIM) |
Can the product fit to your business without
interrupting good business transactions while protecting the data and
preventing misuse? Required before phases II and III of the
Data
Security
Deployment/ maturity Model. |
Essential for mapping to the business and catching
real events. Policies are ratcheted down for accuracy in phase I
before moving into phase II of the Data Security Deployment/ Maturity Model |
Phases II and III of the
Data Security Deployment/
Maturity Model |
Data-At-Rest (DAR) [*hint DON'T START HERE]' |
Easy to find the data but you must engage the
business to figure out why the data is there. The business processes are
nearly impossible to uncover without extensive business involvement. |
Easy to find data types with predefined policies
and easy to make your own. Some companies think that the results from a
DAR scan will help then define data but often have trouble sorting
through the results they get from a DAR scan… requiring business
involvement for clarity. Most find this process very time consuming. |
Shelf-ware alert!
ROI is very low and rarely moves out of Data Security phase I. Companies that lead
with DAR often find Data Security results ineffective at demonstrating ROI. This
makes it difficult to justify applying resources to DIM or DIU. Phase
III is rarely accomplished with DAR. |
Data-In-Use (DIU) |
Insight into how data is used by applications and
when not in the office. Required before phases II and III of the
Data
Security
Deployment/ Maturity model. |
Essential for mapping to the business and catching
real events. Policies are ratcheted down for accuracy in phase I
before moving into phase II of the Data Security Deployment/ Maturity Model |
Phases II and III of the
Data Security Deployment/
Maturity Model |