*Joint Director (IT), Orissa Electricity Regulatory Commission,Unit-8, Bhubaneswar, India
Abstract
This paper presents the roadmap to achieving data security in any type of organization. It presents the steps involved in the process with an intuitive and practical approach. The eleven steps contemplated are: 1. Identify Data Assets and their Owners; 2. Classify Data Assets; 3. Know the Legal System and Regulatory framework; 4. Follow the Data Security Principles; 5. Prepare an enforceable Security Policy; 6. Specify Access Control mechanism and Cryptography; 7. Assess Threats and Monitor; 8. Prepare Business Continuity Plan and DRP; 9. Spell out Disposal methodology; 10. Formalize a Team and Conduct Internal Audit and 11. Create Security Awareness.
