Hill | Data Protection | E-Book | www.sack.de
E-Book

E-Book, Englisch, 330 Seiten

Hill Data Protection

Governance, Risk Management, and Compliance
1. Auflage 2012
ISBN: 978-1-4398-0693-7
Verlag: Taylor & Francis
Format: PDF
 Kopierschutz: Adobe DRM (»Systemvoraussetzungen)

Governance, Risk Management, and Compliance

E-Book, Englisch, 330 Seiten

ISBN: 978-1-4398-0693-7
Verlag: Taylor & Francis
Format: PDF
 Kopierschutz: Adobe DRM (»Systemvoraussetzungen)

Failure to appreciate the full dimensions of data protection can lead to poor data protection management, costly resource allocation issues, and exposure to unnecessary risks. Data Protection: Governance, Risk Management, and Compliance explains how to gain a handle on the vital aspects of data protection.

The author begins by building the foundation of data protection from a risk management perspective. He then introduces the two other pillars in the governance, risk management, and compliance (GRC) framework. After exploring data retention and data security in depth, the book focuses on data protection technologies primarily from a risk management viewpoint. It also discusses the special technology requirements for compliance, governance, and data security; the importance of eDiscovery for civil litigation; the impact of third-party services in conjunction with data protection; and data processing facets, such as the role of tiering and server and storage virtualization. The final chapter describes a model to help businesses get started in the planning process to improve their data protection.

By examining the relationships among the pieces of the data protection puzzle, this book offers a solid understanding of how data protection fits into various organizations. It allows readers to assess their overall strategy, identify security gaps, determine their unique requirements, and decide what technologies and tactics can best meet those requirements.

Hill Data Protection jetzt bestellen!

Zielgruppe

System administrators, CIO and CISO staff, IT vendors, disaster recovery specialists, IT security and compliance officers, and graduate students in computer science.

Autoren/Hrsg.

Hill, David G.

Fachgebiete

Weitere Infos & Material

The Time Has Come for Change
What to Look for in This Chapter

Why Data Protection Is Important

What Data Protection Is

Data Protection Has to Be Placed in the Right Framework

Evolving to the Governance, Risk Management, and Compliance Framework

Ride the Sea Change in Data Protection

How to Read This Book

An Aside on Process Management

Key Takeaways
Business Continuity: The First Foundation for Data Protection
What to Look for in This Chapter

Business Continuity as a Key to Risk Management

Business Continuity and Data Protection

Business Continuity Is Not Just Disaster Recovery

Disaster Recovery: Let’s Get Physical

Operational Recovery: Think Logically
Disaster Recovery Requires Judgment; Operational
Recovery Requires Automation

Logical Data Protection Gets Short Shift in Business Continuity
Do Not Neglect Any Facet of Data Protection

Key Takeaways
Data Protection—Where the Problems Lie
What to Look for in This Chapter

Data Protection as It Was in the Beginning

Typical Data Protection Technology Today Still Leaves a Lot to Be Desired
Summing up Data Protection Challenges by Category

Key Takeaways
Data Protection—Setting the Right Objectives
What to Look for in This Chapter

How High Is High Enough for Data Availability?

SNIA’s Data Value Classification: A Point of Departure

Do Not Equate Availability with Value

Availability Objectives for Operational Recovery and Disaster Recovery Are Not Necessarily the Same
Availability Is Not the Only Data Protection Objective

All Primary Data Protection Objectives Have to Be Met

Key Takeaways
Data Protection—Getting the Right Degree
What to Look for in This Chapter

General Use Classes of Data

The Third Degree—Levels of Exposure

Key Takeaways
Information Lifecycle Management Changes the Data Protection Technology Mix
What to Look for in This Chapter

Why Data Lifecycle Management Is Not Enough—The Need for Metadata and Management

ILM Is Deep into Logical Pools of Storage

Archiving through a New Lens

Active Archiving and Deep Archiving

ILM Changes the Data Protection Technology Mix

Key Takeaways
Compliance: A Key Piece of the GRC Puzzle
What to Look for in This Chapter
What Compliance Is All About
The Relationship between Compliance and Risk Management

Compliance and Data Protection
The Role of People in Compliance

The Role of Process in Compliance

The Role of Technology in Compliance

Key Takeaways
Governance: The Last Piece in the GRC Puzzle
What to Look for in This Chapter

Data Governance Must Respond to Changes in the Federal Rules of Civil Procedure
The Impact on Global Civil Litigation

The Big Three—Governance, Risk Management, and Compliance—and Data Protection Objectives

Key Takeaways
The Critical Role of Data Retention

What to Look for in This Chapter

The Need for Data Retention Management

Where the Responsibility for Data Retention Policy Management Lies
Making the Case for Archiving for Data Retention

Compliance and Governance

Creating Data Archive Storage Pools by Data Retention Attributes

Key Takeaways
Data Security—An Ongoing Challenge
What to Look for in This Chapter

How Data Protection and Data Security Are Interrelated

Information Security versus Data Security

Information Assurance

Information Risk Management

Data Preservation Is Data That Is Good to the Last Bit
Confidentiality as a Private and Public Concern

The Role of Data Availability in Data Security

Three Strategies for Protecting Confidentiality of Information

Confidentiality through Limiting Access to Data

Confidentiality through Limiting Use of Information

Confidentiality by Rendering Information Unusable to Unauthorized Users
The Special Case of Storage Security

Key Takeaways
Where Data Protection Technologies Fit in the New Model
What to Look for in This Chapter

Categorizing Data Protection Products

Mapping the Base Data Protection Technologies to the ILM Version of the Data Protection Framework

Key Takeaways
Back to Basics—Extending the Current Model
What to Look for in This Chapter

The Move to Multiple-Parity RAID

Evolving Backup/Restore Software

Recovery Management
Moving Data Manually and Electronically—The Place of Vaulting and Consolidation

Remote Office Data Protection

At Your Service—The Role of Service Suppliers

Key Takeaways
When Supporting Actors Play Lead Roles
What to Look for in This Chapter

Data Deduplication and Other Space-Saving Technologies

WAN Acceleration

Data Protection Management

Data Protection Change Management

Disaster Recovery Testing

Data Classification
Key Takeaways
Disk and Tape—Complementing and Competing with One Another
What to Look for in This Chapter

Disk-Based Backup

Speeding up the Backup/Restore Process—Your Mileage May Vary

Improving Restore Reliability

Keep in Mind

Virtual Tape

Virtual Tape Library

MAID

Removable Disk Drives and Disk Media

Data Protection Appliances

Tape Automation

Key Takeaways
Technologies for High Availability and Low (or No) Data Loss
What to Look for in This Chapter

Copy Strategies

Replication Strategies

Key Takeaways
Special Requirements for Compliance, Governance, and Data Security
What to Look for in This Chapter

The Use of WORM Technology

WORM Tape

WORM Disk
Electronic Locking

Guaranteeing the Authenticity of Data

Encryption Techniques
Compliance/Governance Appliance

Data Shredding

Key Takeaways
eDiscovery and the Electronic Discovery Reference Model

What to Look for in This Chapter

Information Management—Getting eDiscovery off on the Right Foot
Overview of the Steps of the EDRM Model
Key Takeaways
Cloud Computing, SaaS, and Other Data Protection Services

What to Look for in This Chapter
Growth in Services Raises Questions for Data Protection
An Introduction to Cloud Computing
Where IT Services Are Headed
Data Protection Considerations in Using a Services Model
Confronting the Issue of Control and Third-Party Services

Key Takeaways
Other Considerations in Data Protection

What to Look for in This Chapter

From Flash Computing to Tape—The Role of Tiering in Data Protection
The Impact of Server and Storage Virtualization on Data Protection
Master Data Management and Data Protection
Green Computing and Data Protection

Key Takeaways
Tying It All Together, Including the PRO-Tech Data Protection Model
What to Look for in This Chapter

The PRO-Tech Model for Data Protection

The PRO-Tech Model—Level 1
Tying the PRO-Tech Layers to GRC Business Responsibilities

Data Protection Is Everyone’s Business—Last Call for Data Governance
Synthesizing a Data Protection Framework

Guidelines for Data Protection

The Challenge Ahead and a Call to Action

Key Takeaways
Glossary
Index

David G. Hill is the principal of Mesabi Group LLC, which helps enterprises adopt new and improved IT processes and technologies. Prior to starting Mesabi Group, he was the vice president and founder of the Storage & Storage Management practice at the Aberdeen Group.

Ihre Fragen, Wünsche oder Anmerkungen
Vorname*
Nachname*
Ihre E-Mail-Adresse*
Kundennr.
Ihre Nachricht*
Lediglich mit * gekennzeichnete Felder sind Pflichtfelder.
Wenn Sie die im Kontaktformular eingegebenen Daten durch Klick auf den nachfolgenden Button übersenden, erklären Sie sich damit einverstanden, dass wir Ihr Angaben für die Beantwortung Ihrer Anfrage verwenden. Selbstverständlich werden Ihre Daten vertraulich behandelt und nicht an Dritte weitergegeben. Sie können der Verwendung Ihrer Daten jederzeit widersprechen. Das Datenhandling bei Sack Fachmedien erklären wir Ihnen in unserer Datenschutzerklärung.