Data Security terms and concepts

As cloud storage adoption and use grew, so did unique risks that required tailored data security solutions, regulations, measures and methodologies to mitigate potential loss and abuse. This category defines and delineates the scope of data security concepts, terms and best practices used to ensure the security of organizational data.

CCPA

One of the common standards, regulations and compliance frameworks. California Consumer Privacy Act (CCPA) is a state statute for residents of California, United States. Its primary aim is to enhance privacy rights and consumer protection.

CIS

One of the common standards, regulations and compliance frameworks. The Center for Internet Security (CIS) is a nonprofit organization with no official mandate. Its primary aim is to provide a set of best-practice cybersecurity standards for a range of IT systems and products.

DPP

A Data Protection Policy (DPP) is a security measure used to standardize data usage, monitoring and administration. The primary objective of this policy is to safeguard and protect all data used, managed and stored by the organization. Although not mandated by law, this policy is frequently used to assist organizations in adhering to internationally recognized rules and standards for data protection.

Data Breach

A data breach occurs when information is copied from a system without the owner's knowledge or consent. Stolen data may contain sensitive, proprietary or confidential information, and its exposure can cause financial and reputational harm to the target.

FISMA

One of the common standards, regulations and compliance frameworks. Federal Information Security Management Act of 2002 (FISMA) is mandated by United States federal law. Its primary aim is to reduce the security risk to federal information and data while managing federal spending on information security.

GDPR

One of the common data standards, regulations and compliance frameworks. The General Data Protection Regulation (GDPR) is mandated by European Union and European Economic Area law. Its primary aim is to enhance individuals' control and rights over their personal data and to simplify the regulatory environment for international business.

HIPAA

One of the common standards, regulations and compliance frameworks. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is mandated by the United States Congress. Its primary aim is to detail methods for the protection of personally identifiable information (PII) maintained by the healthcare and healthcare insurance industries.

IAM

Identity and Access Management (IAM) is a set of business processes, regulations, and technologies that make it easier to manage and oversee electronic or digital identities. IAM frameworks allow Information Technology (IT) administrators to govern user access to sensitive data within their organizations.

IRM

Information Rights Management (IRM) is an IT security solution intended to prevent unauthorized access to documents containing sensitive data. IRM applies to documents, spreadsheets and presentations created by individuals, in contrast to traditional Digital Rights Management (DRM) solutions, which are only relevant for mass-produced media such as songs and movies. IRM prevents illegal copying, viewing, printing, forwarding, deleting, and editing of this data.

NIST

One of the common standards, regulations and compliance frameworks. National Institute of Standards and Technology (NIST) is mandated by the regulatory agency of the United States Department of Commerce. The primary aim of NIST 800-53 is to provide a catalog of security and privacy controls for all US federal information systems except those related to national security. NIST 800-171 is a codification of the requirements that any non-federal computer system must follow in order to store, process, or transmit Controlled Unclassified Information (CUI) or provide security protection for such systems.

PCI DSS

One of the common standards, regulations and compliance frameworks. The Payment Card Industry Data Security Standard (PCI DSS) is mandated by the card organization's brand but administered by the Payment Card Industry Security Standards Council. It is an information security standard for handling branded credit cards in major card schemes.

Remediation vs. Mitigation

Remediation and mitigation are the direct result of a risk assessment conducted following the discovery of a new Advanced Persistent Threat (APT). Remediation is the elimination of a threat when possible, whereas mitigation is the development of techniques to reduce the negative impact of a threat and the possibility of a vulnerability being exploited if it cannot be eliminated.

SOC2

One of the common standards, regulations and compliance frameworks. The Service Organization Control (SOC2) is a voluntary compliance standard developed by the American Institute of CPAs (AICPA). Its primary aim is to specify how organizations should manage customer data.

SOX

One of the common standards, regulations and compliance frameworks. The Sarbanes–Oxley Act of 2002 (SOX) is mandated by United States federal law. Its primary aim is to provide common practices in financial record keeping and reporting for corporations.

Security and Privacy Laws, Regulations and Compliance

Data-use compliance refers to the rules and guidelines that specify how businesses and governmental bodies must protect customer and employee information from theft, unauthorized access, and other harm. This is frequently used to protect consumer data, but it can also apply to employee data, financial records, and other information.
