!!! Overview
[{$pagename}] is the [Access Control] applied to [Data], which relies on proper [Data Classification].

[{$pagename}] is part of [Data Management] and includes:
* [Data Access Governance] ([DAG])
* [Access Control] - which includes considerations for [Digital Rights Management] and [Information Rights Management]
* [Data Loss Prevention] ([DLP])
* [Disclosure-Alteration-Destruction]
* [Disaster Recovery]
* [Data Disposal]

!! Some General Observations
When technology gives anyone with a [mobile Device] the ability to take a snapshot of a piece of paper or a computer screen, it seems it must be assumed that if they can view it, they can capture it.


!! [IDSA Integration Framework]
[IDSA Integration Framework] describes [{$pagename}] as:
* [Data Access Governance] ([DAG]) - The discovery and [Data Protection] of [data] across the enterprise, and the management of the process by which users are granted [access] to this [data].
* [Enterprise Mobility Management] ([EMM]) - Allows the registration of [Mobile Devices] to safely leverage [Single Sign-On] ([SSO]) for access to [cloud computing] and [Native applications]. In addition, the chain of [trust] associated with a registered device exposes device attributes and [compliance] rules.
* [Data Loss Prevention] ([DLP]) - [Prevention] of the distribution of sensitive [data] by utilizing sufficient [risk]-based definitions to determine the appropriate level of [assurance].
* [Cloud Access Security Broker] ([CASB]) - Utilizes deep analysis capabilities to provide [Adaptive Risk] analytics to identify compromised [credentials] and potential [risks] that can then be used in [authentication] decisions.

!! [{$pagename}] and [Regulatory compliance]
Consider these extracts from various regulations, demonstrating the central theme of protecting identity-based information exchanges:

* "[unauthorized] [access] to [data] that may result in destruction of [data] or improper changes to data, including the recording of [unauthorized] or nonexistent transactions or inaccurate recording of transactions…" ([SOX], [SAS] 94).
* [GDPR] - "[shall|SHALL] implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk [Personal data]…" ([General Data Protection Regulation]).
** [Article 32 - Security of processing|https://gdpr-info.eu/art-32-gdpr/|target='_blank'] emphasizing [Encryption] and [Pseudonymization]
* "Provide reasonable assurance regarding prevention or timely detection of [unauthorized] acquisition, use or disposition of the registrant's assets that could have a material effect on the financial statements," ([SOX], Audit Std. No. 2).

