Home > Articles

This chapter is from the book

Data Life Cycle

key_topic_icon.jpg

You learned about the data life cycle earlier in this chapter. Review that section. You will learn more about it in Chapter 27. The information life cycle should also be based on the classification of the data. Organizations are required to retain certain information, particularly financial data, based on local, state, or government laws and regulations. This section looks at the steps in the data life cycle.

Create

The first step in the data life cycle is the creation or acquisition of the data. While most data is generated by an organization, in some cases, an organization might purchase data, such as purchasing a marketing report from an industry organization or demographic data that helps sell products. The important issue during this step is the proper classification of the data so it can receive the appropriate protection.

Use

Once the data is available to users, those who require access to it need to use the data in the manner intended. At this step, the important issue is proper access control and review of accounts given access to ensure that permissions are being used appropriately.

Share

The sharing of data with others is a step fraught with danger. Uncontrolled sharing can cancel out all of an organization’s security safeguards. Granting the right to share the data should only be done when necessary, and this right should be held by as few individuals as possible.

Store

During the time that data is held by an organization, it must be stored somewhere. Security issues that are paramount at this step are ensuring that the prescribed encryption is in place, that the data is being successfully backed up, and that integrity is being ensured by frequently generating hash values of the data that can be used to identify data corruption if it occurs.

Archive or Destroy

All organizations need procedures in place for the retention and destruction of data. Data retention and destruction must follow all local, state, and federal regulations and laws. Documenting proper procedures ensures that information is maintained for the required time to prevent financial fines and possible incarceration of high-level organizational officers. These procedures must include both the retention period, including longer retention periods for legal holds, and the destruction process.

Pearson IT Certification Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Pearson IT Certification and its family of brands. I can unsubscribe at any time.