DSPM (Data Security Posture Management)

Step 1: Data Discovery and Classification

  • What?: In this step the organization identifies all of its data assets and categorizes them.
  • Why?: Not every asset needs the same level of protection. Knowing which assets matter most tells the organization where to prioritize and where stronger controls are needed.
  • How?: Discover all the data the organization holds, typically by scanning every system with a discovery tool. Then classify the data by sensitivity and importance. Typical categories are: Public, Internal, Confidential and Restricted.

Step 2: Risk Assessment

  • What?: In this step the security risks to the data are evaluated.
  • Why?: Knowing which risks affect the most important assets shows the organization where security improvements should be made first.
  • How?: Look for vulnerabilities that can be exploited. Understand how data moves through the organization's systems. Check whether the organization is following the regulations of the country it operates in. Finally, combine these three inputs into a risk score for each asset.
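Steps 1 and 2 in working code, as an added example that is not part of the original page: a small scanner classifies constructed sample content into the four categories from Step 1 and then computes a Step 2 risk score per asset. The storage paths, file contents, detection patterns, role of the Luhn check and scoring weights are all assumptions made for this demonstration; a real DSPM tool crawls live storage and ships far richer detectors.

```python
import re
from dataclasses import dataclass

# Added example, not the page's own code. Detection patterns are deliberately
# simple; real discovery tools ship many more detectors.
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")
# 13 to 19 digits, optionally separated by spaces or dashes, not inside a longer run.
CARD_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

# Numeric weight per Step 1 category, used by the Step 2 risk score.
SENSITIVITY = {"public": 1, "internal": 2, "confidential": 3, "restricted": 4}


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: separates real card numbers from random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d = d * 2 if d < 5 else d * 2 - 9
        total += d
    return total % 10 == 0


def find_card_numbers(text: str) -> list:
    """Return the card numbers in text that pass the Luhn check."""
    cards = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            cards.append(digits)
    return cards


def classify(text: str) -> str:
    """Map content to one of the four Step 1 categories, most sensitive rule first."""
    lowered = text.lower()
    if find_card_numbers(text) or "password" in lowered:
        return "restricted"
    if EMAIL_RE.search(text) or "salary" in lowered:
        return "confidential"
    if "internal only" in lowered:
        return "internal"
    return "public"


@dataclass
class Asset:
    path: str
    label: str
    vulnerabilities: int = 0          # open findings from a vulnerability scan
    internet_exposed: bool = False    # data flow: reachable from outside the organization
    encrypted_at_rest: bool = True
    in_regulated_region: bool = True  # stored where the applicable law allows


def risk_score(asset: Asset) -> int:
    """Step 2: combine sensitivity, vulnerabilities, data flow and regulation.

    The weights are assumptions chosen for the example, not a standard formula.
    """
    score = SENSITIVITY[asset.label] * 10
    score += 5 * asset.vulnerabilities
    if asset.internet_exposed:
        score *= 2
    if not asset.encrypted_at_rest:
        score += 10
    if not asset.in_regulated_region:
        score += 15
    return score


def discover(store: dict) -> list:
    """Walk a store of path -> content and classify every object found."""
    return [Asset(path, classify(content)) for path, content in sorted(store.items())]


# Constructed sample store standing in for the buckets and shares a scanner would crawl.
SAMPLE_STORE = {
    "s3://marketing/press-release.txt": "New product launches in Q3. Contact the press office.",
    "smb://fs1/hr/payroll.csv": "name,email,salary\nKari,kari@example.com,540000",
    "s3://shop-exports/orders.csv": "order,card\n1001,4111 1111 1111 1111",
    "smb://fs1/eng/roadmap.md": "INTERNAL ONLY: planned features for the next release",
}

if __name__ == "__main__":
    for asset in discover(SAMPLE_STORE):
        asset.internet_exposed = asset.path.startswith("s3://")
        print(f"{asset.label:<12} risk={risk_score(asset):>3}  {asset.path}")
```

The Luhn check matters in practice: without it, every order ID or tracking number with 13 or more digits would be classified as Restricted, and the inventory would be full of false positives that nobody trusts. The exposure factors in the risk score are how "how data moves" and "which regulation applies" enter the calculation: an internet-exposed, unencrypted bucket of restricted data lands at the top of the list even with few known vulnerabilities.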

Step 3: Access control and Monitoring

  • What?: Managing who has access to which assets.
  • Why?: If a user account is compromised, good access control limits the damage to the minimum possible.
  • How?: Restrict each user's access to only what they need to do their job (least privilege). Monitor each user's activity for suspicious behavior. Log all activity in the system so that when an incident happens it is possible to reconstruct what happened.
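Step 3 in working code, as an added example that is not part of the original page: a least-privilege policy that maps roles to the classifications they may read, and a monitor that runs over constructed access-log lines and raises alerts for denied attempts, reads that policy should have blocked, bulk reads, and off-hours access to sensitive data. The roles, users, asset labels, log format and thresholds are all assumptions made for the demonstration.

```python
from collections import defaultdict
from datetime import datetime

# Added example, not the page's own code. Roles, users, assets and the log
# format are assumptions constructed for the demonstration.

# Least privilege: a role may read only these classifications.
ROLE_CLEARANCE = {
    "marketing": {"public"},
    "engineer": {"public", "internal"},
    "hr": {"public", "internal", "confidential"},
    "payments-admin": {"public", "internal", "confidential", "restricted"},
}
USER_ROLES = {"ola": "engineer", "kari": "hr", "bot-export": "payments-admin"}
ASSET_LABELS = {
    "smb://fs1/eng/roadmap.md": "internal",
    "smb://fs1/hr/payroll.csv": "confidential",
    "s3://shop-exports/orders.csv": "restricted",
}
SENSITIVE = {"confidential", "restricted"}


def is_allowed(user: str, asset: str) -> bool:
    """Policy decision: deny by default for unknown users or unclassified assets."""
    role = USER_ROLES.get(user)
    label = ASSET_LABELS.get(asset)
    if role is None or label is None:
        return False
    return label in ROLE_CLEARANCE[role]


def parse_log_line(line: str) -> dict:
    """Constructed format: '<ISO timestamp> user=<u> action=<a> asset=<path> result=<r>'."""
    ts, rest = line.split(" ", 1)
    event = dict(kv.split("=", 1) for kv in rest.split(" "))
    event["ts"] = datetime.fromisoformat(ts)
    return event


def detect_suspicious(lines, bulk_threshold: int = 3, window_minutes: int = 10) -> list:
    """Scan access log lines and return alert strings for the monitoring step."""
    alerts = []
    reads = defaultdict(list)  # user -> timestamps of allowed reads
    for line in lines:
        ev = parse_log_line(line)
        user, asset, ts = ev["user"], ev["asset"], ev["ts"]
        if ev["result"] == "denied":
            alerts.append(f"{user} denied on {asset}: possible privilege probing")
        elif not is_allowed(user, asset):
            # The system let the access through although policy says no: a policy gap.
            alerts.append(f"{user} read {asset} without clearance: policy gap")
        if ev["action"] == "read" and ev["result"] == "allowed":
            reads[user].append(ts)
            recent = [t for t in reads[user] if (ts - t).total_seconds() <= window_minutes * 60]
            if len(recent) >= bulk_threshold:
                alerts.append(f"{user} bulk reads: {len(recent)} in {window_minutes} min")
        if ASSET_LABELS.get(asset) in SENSITIVE and not 7 <= ts.hour < 19:
            alerts.append(f"{user} off-hours access to {asset} at {ts.isoformat()}")
    return alerts


# Constructed sample log lines.
SAMPLE_LOG = [
    "2024-05-02T09:05:00 user=ola action=read asset=smb://fs1/eng/roadmap.md result=allowed",
    "2024-05-02T09:06:00 user=ola action=read asset=smb://fs1/hr/payroll.csv result=denied",
    "2024-05-02T09:07:00 user=kari action=read asset=smb://fs1/hr/payroll.csv result=allowed",
    "2024-05-02T23:30:00 user=kari action=read asset=s3://shop-exports/orders.csv result=allowed",
    "2024-05-02T23:31:00 user=bot-export action=read asset=s3://shop-exports/orders.csv result=allowed",
    "2024-05-02T23:32:00 user=bot-export action=read asset=s3://shop-exports/orders.csv result=allowed",
    "2024-05-02T23:33:00 user=bot-export action=read asset=s3://shop-exports/orders.csv result=allowed",
]

if __name__ == "__main__":
    for alert in detect_suspicious(SAMPLE_LOG):
        print(alert)
```

Two of the alerts only exist because the logs are complete: the "policy gap" alert compares what the system actually allowed against what the policy says, which catches a misconfigured share that the access check alone would never report, and the bulk-read alert needs every successful read logged, not just failures.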

Step 4: Data Protection

  • What?: Safeguard the data itself in case of a breach or unauthorized access.
  • Why?: This protects the data if all the earlier measures fail.
  • How?: Encrypt the data, replace sensitive values with tokens (tokenization), mask data by replacing parts of its content, and implement DLP (data loss prevention) on critical assets.
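Three of the Step 4 controls in working code, as an added example that is not part of the original page: a token vault that swaps a card number or e-mail address for a random token, masking functions for display and logs, and a DLP gate that refuses to release text still carrying a raw card-like number. Encryption is left out because it needs a real cipher library; the in-memory vault, the HMAC key generated at import time, the token format and the sample record are assumptions made for the demonstration, and a real vault is a separate hardened service with its key in a KMS or HSM.

```python
import hashlib
import hmac
import re
import secrets

# Added example, not the page's own code. The vault is an in-memory dict and
# the HMAC key is generated at import time; a real deployment keeps both in a
# separate hardened store with the key in a KMS or HSM.
VAULT_HMAC_KEY = secrets.token_bytes(32)


class TokenVault:
    """Tokenization: the application keeps a random token, the vault keeps the value."""

    def __init__(self):
        self._token_by_fp = {}    # HMAC(value) -> token, so a repeated value maps to one token
        self._value_by_token = {}

    def _fingerprint(self, value: str) -> str:
        return hmac.new(VAULT_HMAC_KEY, value.encode(), hashlib.sha256).hexdigest()

    def tokenize(self, value: str) -> str:
        fp = self._fingerprint(value)
        if fp not in self._token_by_fp:
            token = "tok_" + secrets.token_hex(16)  # random: carries no information about the value
            self._token_by_fp[fp] = token
            self._value_by_token[token] = value
        return self._token_by_fp[fp]

    def detokenize(self, token: str) -> str:
        """Only the few services entitled to the real value get to call this."""
        return self._value_by_token[token]


def mask_card(card: str) -> str:
    """Data masking: keep the last four digits, hide the rest."""
    digits = re.sub(r"\D", "", card)
    return "*" * (len(digits) - 4) + digits[-4:]


def mask_email(email: str) -> str:
    local, _, domain = email.partition("@")
    return local[0] + "***@" + domain


# DLP gate: a raw card-like number (13 to 19 digits) must never leave the system.
RAW_CARD_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")


def dlp_allows_release(text: str) -> bool:
    return RAW_CARD_RE.search(text) is None


def protect_record(record: dict, vault: TokenVault) -> dict:
    """Tokens go into the application database; masked values go to screens and logs."""
    return {
        "customer": record["customer"],
        "card_token": vault.tokenize(record["card"]),
        "card_display": mask_card(record["card"]),
        "email_token": vault.tokenize(record["email"]),
        "email_display": mask_email(record["email"]),
    }


if __name__ == "__main__":
    vault = TokenVault()
    # Constructed sample record.
    raw = {"customer": "Kari", "card": "4111 1111 1111 1111", "email": "kari@example.com"}
    safe = protect_record(raw, vault)
    print(safe)
    print("release ok:", dlp_allows_release(f"{safe['customer']} paid with {safe['card_display']}"))
    print("release ok:", dlp_allows_release(f"{raw['customer']} paid with {raw['card']}"))
```

The point of the split is blast radius: a breach of the application database yields only tokens and masked values, and the real data is only recoverable through the vault, which is exactly the "protects the data if everything else fails" property described above. The HMAC fingerprint is what makes repeated tokenization of the same value deterministic without storing a plain hash that an attacker could brute-force against the 16-digit card space.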

Step 5: Incident response and remediation

  • What?: Create an incident response plan.
  • Why?: An incident response plan prepares the organization for incidents and considerably reduces response time.
  • How?: Incident response has several steps, similar to DSPM, and needs a document of its own to be explained.

Step 6: Compliance and Reporting

  • What?: Make sure the organization follows the data protection laws of the country it operates in.
  • Why?: To avoid fines and legal action for breaking the law.
  • How?: Keep the organization updated on regulatory requirements and make sure data protection is implemented accordingly. Log activity as evidence of compliance. Create reports that demonstrate compliance. Adjust policies to adhere to the requirements of the law.

Step 7: Continuous improvement

  • What?: Review the other DSPM steps for their performance and look for improvements.
  • Why?: This makes sure the data protection implementation is working and up to date.
  • How?: Audit the performance of the implementations, train staff regularly in security, update policies when new requirements arise, and automate the tasks that can be automated.