# Explain Privacy and Data Sensitivity Concepts

## Privacy and Sensitive Data Concepts

- Security
    - CIA Triad
- Privacy
    - Personal data about data subjects
    - Compliance with regulations
    - Rights of data subjects
- Information life cycle management
    - Creation/collection
    - Distribution/use
    - Retention
    - Disposal

## Data Roles and Responsibilities

![[Pasted image 20230710103539.png]]

![[Pasted image 20230710103611.png]]

## Data Classification

![[Pasted image 20230710104304.png]]

## Privacy Notices and Data Retention

![[Pasted image 20230710104355.png]]

## Data Sovereignty and Geographical Considerations

- Data sovereignty
    - The jurisdiction that enforces personal data processing and storage regulations
- Geographical considerations
    - Select storage locations to mitigate sovereignty issues
    - Define access controls on the basis of client location

## Privacy Breaches and Data Breaches

- Privacy breach -> someone's PII gets leaked
- Data breach -> data got compromised
    - Not specific about what kind of data
    - Overarching term

## Data Sharing and Privacy Terms of Agreement

- SLA
    - Requires access controls and risk assessment to protect data
- **Interconnection Security Agreement (ISA)**
    - External clients (non-government) connecting to government systems
- NDA
    - Legal basis for protecting information assets
- Data sharing and use agreement
    - Specifies terms for the way a dataset can be analyzed
    - Proscribes use of reidentification techniques

![[Pasted image 20230710105211.png]]

# Explain Privacy and Data Protection Controls

## Data Protection

- **Data at rest**
    - Held in some sort of persistent storage media
    - Encrypt the data, using techniques such as whole disk encryption, database encryption, and file- or folder-level encryption
    - Apply permissions (Access Control Lists, ACLs) to ensure only authorized users can read or modify the data
- **Data in transit (or data in motion)**
    - Transmitted over a network
    - Protected by transport encryption, such as TLS or IPSec
- **Data in use**
    - Cannot be encrypted while it is being processed
    - Present in volatile memory, such as system RAM or CPU registers and cache
    - A malicious intruder with rootkit access to the computer may be able to access it
    - Trusted execution environments/enclaves

## Data Exfiltration

- Data exfiltration methods
    - Removable media
    - Transferring over the network
    - Communicating data over the phone or by video
    - Taking a picture or video of text data
- Ordinary countermeasures
    - Ensure that all sensitive data is encrypted at rest
    - Create and maintain offsite backups of data
    - Ensure that systems storing or transmitting sensitive data are implementing access controls
    - Restrict the types of network channels that attackers can use
    - Train users about document confidentiality and the use of encryption to store and transmit data securely

## Data Loss Prevention

- Systems that prevent or mitigate data loss
- DLP products scan files for matched strings and prevent unauthorized copying or transfer
- Components
    - Policy server
    - Endpoint agents
    - Network agents
    - Cloud-based DLP
- Remediation
    - Alert only
    - Block
    - Quarantine
    - Tombstone -> replaces the attachment containing the private data with a placeholder document (for example, a notice that the content was removed by policy)

## Rights Management Services

- Assign file permissions for different document roles
- Restrict printing and forwarding of documents
- Restrict printing and forwarding of email messages

## Privacy Enhancing Technologies

- Data minimization
    - Only collect sufficient data to perform the specific purpose that consent was obtained for
- Deidentification
    - Removing personal information from shared data sets
- Anonymization
    - Irreversible deidentification techniques
- Pseudo-anonymization
    - Reidentification is possible using a separate data source
- Reidentification attacks
- K-anonymous information

## Database Deidentification Methods

- Data masking
    - Whole or partial redaction of strings
    - Format-preserving masks
    - Irreversible
- Tokenization
    - Replacing a field value with a random token
    - Token stored in a separate data source (vault)
    - Reversible with access to the vault
- Aggregation/banding
- Hashing and salting
    - Indexing method
    - Discards the original data in favour of a hashed identifier
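The Data Loss Prevention section above says DLP products scan content for matched strings and then apply one of four remediation actions (alert only, block, quarantine, tombstone). The following Python is an added illustration of that flow, not code from the original notes or from any DLP product: the rules, the rule names, the sample message and the tombstone text are all constructed for the example. A Luhn checksum is used as a validator on the payment-card rule so that arbitrary digit runs (dates, customer numbers) do not trigger it, and when several parts of a message match, the most severe action wins.

```python
import re
from enum import IntEnum


class Action(IntEnum):
    """DLP remediation options, ordered so the most severe match wins."""
    ALERT = 1       # log the event, let the transfer through
    TOMBSTONE = 2   # deliver the message, but swap the offending part for a notice
    QUARANTINE = 3  # hold the message for review
    BLOCK = 4       # stop the transfer


def luhn_ok(digits: str) -> bool:
    """Luhn checksum; filters out random digit runs that merely look like a card number."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def _looks_like_card(m) -> bool:
    return luhn_ok(re.sub(r"\D", "", m.group(0)))


# Hypothetical policy table: (rule name, pattern, optional validator, action on match)
RULES = [
    ("us_ssn",         re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),    None,             Action.BLOCK),
    ("payment_card",   re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),  _looks_like_card, Action.TOMBSTONE),
    ("internal_label", re.compile(r"\bINTERNAL ONLY\b"),        None,             Action.ALERT),
]
ACTION_OF = {name: action for name, _, _, action in RULES}
TOMBSTONE_TEXT = "[removed by DLP policy: this part contained sensitive data]"


def scan(text: str):
    """Return [(rule_name, matched_text)] for every rule hit in `text`."""
    hits = []
    for name, pattern, validator, _ in RULES:
        for m in pattern.finditer(text):
            if validator is None or validator(m):
                hits.append((name, m.group(0)))
    return hits


def remediate(message: dict):
    """Scan each part of a message (e.g. {'body': str, 'attachment': str}) and apply
    the most severe action any part triggered. Returns (action, delivered_message);
    delivered_message is None when the transfer is stopped."""
    findings = {part: scan(text) for part, text in message.items()}
    actions = [ACTION_OF[name] for hits in findings.values() for name, _ in hits]
    if not actions:
        return None, dict(message)
    action = max(actions)
    if action in (Action.BLOCK, Action.QUARANTINE):
        return action, None
    delivered = dict(message)
    if action is Action.TOMBSTONE:
        # Only the parts that hit a tombstone-level rule are replaced; alert-only hits stay.
        for part, hits in findings.items():
            if any(ACTION_OF[name] is Action.TOMBSTONE for name, _ in hits):
                delivered[part] = TOMBSTONE_TEXT
    return action, delivered


SAMPLE = {  # constructed sample message, not real data
    "body": "Hi, quarterly figures attached. INTERNAL ONLY.",
    "attachment": "Customer 1042 paid with card 4111 1111 1111 1111 on 2023-07-10.",
}

if __name__ == "__main__":
    print(remediate(SAMPLE))
```

Running the block tombstones the attachment (the card number passes the Luhn check) while the body, which only matched the alert-only label, is delivered unchanged; a message containing an SSN-shaped string is blocked outright. A real policy server would also log each finding with the rule name and the part it hit, which is what the alert path feeds.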
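The Privacy Enhancing Technologies and Database Deidentification Methods sections list masking, tokenization with a vault, aggregation/banding, salted hashing and k-anonymity without showing what each does to a record. The Python below is an added worked example covering both sections; it is not code from the original notes, and the record set, field names and salt are constructed for the example. It shows why partial masking and format-preserving masking are irreversible, why tokenization is reversible only through the vault, and how banding ages and truncating postcodes raises the k-anonymity of the quasi-identifiers from 1 to 2 on the sample records.

```python
import hashlib
import random
import secrets
import string
from collections import Counter


# --- Data masking (irreversible) ---------------------------------------------
def mask_partial(value: str, keep_last: int = 4, mask_char: str = "*") -> str:
    """Partial redaction: keep the last `keep_last` characters, mask the rest."""
    if len(value) <= keep_last:
        return mask_char * len(value)
    return mask_char * (len(value) - keep_last) + value[-keep_last:]


def mask_format_preserving(value: str, seed=None) -> str:
    """Replace each letter/digit with a random one of the same class; punctuation
    and length are kept, so the result still passes format checks but carries no
    information about the original (the random choice is not recorded anywhere)."""
    rng = random.Random(seed)
    out = []
    for ch in value:
        if ch.isdigit():
            out.append(rng.choice(string.digits))
        elif ch.isupper():
            out.append(rng.choice(string.ascii_uppercase))
        elif ch.islower():
            out.append(rng.choice(string.ascii_lowercase))
        else:
            out.append(ch)
    return "".join(out)


# --- Tokenization (reversible only with the vault) ---------------------------
class TokenVault:
    """Maps sensitive values to random tokens; the mapping exists only in the vault."""
    def __init__(self):
        self._value_of = {}
        self._token_of = {}

    def tokenize(self, value: str) -> str:
        if value not in self._token_of:
            token = "tok_" + secrets.token_hex(8)  # random; no relation to the value
            self._token_of[value] = token
            self._value_of[token] = value
        return self._token_of[value]

    def detokenize(self, token: str) -> str:
        return self._value_of[token]


# --- Aggregation / banding ---------------------------------------------------
def band(value: int, width: int) -> str:
    """Replace an exact value with the band it falls in, e.g. 34 -> '30-39'."""
    lo = (value // width) * width
    return f"{lo}-{lo + width - 1}"


# --- Salted hashing as an index key ------------------------------------------
def hashed_index(identifier: str, salt: bytes) -> str:
    """Stable pseudonym usable as a join key once the original identifier is discarded.
    The salt must stay secret: identifiers with little entropy could otherwise be
    recovered by hashing guesses and comparing."""
    return hashlib.sha256(salt + identifier.encode()).hexdigest()


# --- k-anonymity check -------------------------------------------------------
def k_anonymity(records, quasi_identifiers) -> int:
    """Smallest group size over the quasi-identifier combination: the k of the set."""
    groups = Counter(tuple(r[q] for q in quasi_identifiers) for r in records)
    return min(groups.values())


# Constructed sample records (fictional people)
RAW = [
    {"name": "Alice", "national_id": "AB123456", "age": 34, "zip": "90210", "diagnosis": "flu"},
    {"name": "Bob",   "national_id": "CD234567", "age": 37, "zip": "90211", "diagnosis": "cold"},
    {"name": "Carol", "national_id": "EF345678", "age": 52, "zip": "10001", "diagnosis": "flu"},
    {"name": "Dan",   "national_id": "GH456789", "age": 58, "zip": "10002", "diagnosis": "asthma"},
]


def deidentify(records, vault: TokenVault):
    """Drop direct identifiers, tokenize the national id, band age, truncate zip."""
    return [
        {
            "subject": vault.tokenize(r["national_id"]),
            "age_band": band(r["age"], 10),
            "zip3": r["zip"][:3],
            "diagnosis": r["diagnosis"],
        }
        for r in records
    ]


if __name__ == "__main__":
    vault = TokenVault()
    shared = deidentify(RAW, vault)
    print("k before:", k_anonymity(RAW, ("age", "zip")), "k after:", k_anonymity(shared, ("age_band", "zip3")))
    print(shared[0], "->", vault.detokenize(shared[0]["subject"]))
```

Running the block shows k = 1 on the raw age and zip columns (every record is unique, so a recipient who knows one person's age and postcode can pick out their diagnosis) and k = 2 after banding and truncation. The tokens in the shared set can be mapped back only by the party holding the vault, which is what the notes mean by pseudo-anonymization: reidentification needs that separate data source.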