Data Privacy and Security
Data security is the roles, procedures, and policies implemented by the organization to protect sensitive
data from unauthorized access, while data privacy is giving individual the ability to protect his own data
and to choose how to share it.
To ensure data privacy and security are embedded throughout system design several measures should
be considered while performing the system design phase:
1- perform Privacy Impact Assessment in project early stages.
2- Set Data security policies for systems and individuals.
3- Design 2-factor authentication to protect data.
4- Ensure planning user training and documentation to be performed on Data security and privacy
5- While planning risks, ensure that mitigation measures are set up for data protection.
6- Plan Risk response procedures for data breaching
7- Ensure planning to apply data privacy and security standards.
8- Set data retention policies
Architecture principles to protect against Cyber security threads and data breaching:
While ensuring the data security principles are implemented through out the project (integrity,
confidentiality, availability) are implemented, other principles should also be considered:
1- User awareness and trainings against cyber security.
2- System updates against security threads
3- Real-time monitoring for data security and breaching
4- Set disaster recovery and business continuity plan.
5- Perform regular checks.
