Data Security Lifecycle

Expand all

The Risk

The focus of information security spending has been for many years on addressing mainly “Noisy Threats” (noticed/detected), which directly affected the normal operation of an organization in regards to its internet presence and email communication. To address these threats, technologies like Firewalls, IDS/IPS and email gateways running Anti-Virus/Anti-Trojan and Anti-Spam engines were utilized. These controls, however, are generally weak in protecting data from internal threats. In addition, the incapability of these technologies to recognize data-specific protocols, make them unable to safeguard organizational data.

On the other hand “Quiet Threats” (undetected/unnoticed), such as data theft and/or unauthorized access, targeting the organization’s data either from within the organization or from outside, went unnoticed. This was largely due to the inability of existing controls to detect such activity.

During the last few years the need for safeguarding the organization’s data has been forced not only by regulatory compliance but also by the rising trend of data theft incidents.

Due to the above, organizations nowadays are focusing on safeguarding their data/information assets throughout their Lifecycle. 

The Data Lifecycle

From the moment an information asset is created, to the moment it is destroyed, it passes through a number of stages.  At each such stage, the security concerns may differ.  As such, an organization should ensure that it establishes a solid data lifecycle management process which incorporates the necessary information classification and control measures to assure the appropriate levels of confidentiality, integrity and availability are applied to this information.

The stages or states that data goes through during its lifecycle are as follows:

  • Create/Update (DA&P) - Creating or changing a data/content element (not just a document or database). Generating new digital content, or altering/updating existing content.
  • Store (DLP + DA&P) - Committing the digital data to storage repository (typically occurs nearly simultaneously with creation)
  • Use (DLP + DA&P + DM) - Data is viewed, processed, or otherwise used in some sort of activity.
  • Share (DLP + DA&P + DM) - Exchanging between users, customers, and partners.
  • Archive - Leaving active use, entering long-term storage.
  • Destroy - Permanently destroying using Physical or digital means (e.g. crypto shredding).

Understanding this business critical challenge, Odyssey offers a number of high-end security solutions.  With numerous relevant deployments under its belt deployed at local and regional market leading organizations, we pride ourselves to have unsurpassed experience and expertise in the field.

Our relevant solutions include: