Data Access & Governance Policies: Data Access Oversight and IAM

Data Access & Governance Policies: Data Access Oversight and IAM

• Course Overview
• discuss how data access governance identifies and protects digital assets through policies
• list examples of standard security accreditations related to the protection of sensitive data
• provide examples of security controls related to data accessibility
• discuss how DLP, user awareness and training, applying updates, encryption, and malware scanning can minimize data breaches
• map HR job roles to IT system and data permissions
• set Windows NTFS file system permissions in accordance with the principle of least privilege
• identify the role IAM plays in a data governance framework
• use the AWS console to create IAM users and groups
• use the AWS console to assign permissions policies to IAM groups
• mitigate data breach events by identifying weaknesses
• fulfill organizational and regulatory data security requirements
• implement effective security controls to protect data

This course explores how a DAG (Data Access Governance), a structured data access framework, can reduce the likelihood of data security breaches, and reduce the likelihood of future breaches. Risk and data safety compliance addresses how to identify threats against an organization's digital data assets. You will learn about legal compliance, industry regulations, and compliance with organizational security policies. You will learn how the IAM (identity and access management) relates to users, devices, or software components. Learners will then explore how a PoLP (Principle of Least Privilege) dictates to whom and what permission is given to users to access data. You will learn to create an IAM user and group within AWS (Amazon Web Services), and how to assign file system permissions to a Windows server in accordance with the principle of least privilege. Finally, you will examine how vulnerability assessments are used to identify security weaknesses, and different types of preventative security controls, for example, firewalls or malware scanning.

Data Access & Governance Policies: Data Classification, Encryption, and Monitoring

Data Access & Governance Policies: Data Classification, Encryption, and Monitoring

• Course Overview
• recognize the importance of data classification
• use Microsoft File Server Resource Manager to set file classification values
• recall methods of encrypting sensitive data
• enable Microsoft BitLocker to protect data at rest
• configure and test Microsoft VPN to protect data in motion
• use Microsoft System Center Configuration Manager to view managed device security compliance
• identify the relevance of tracking data access trends
• identify how data access can be monitored through SIEM and reports
• recognize how logging and auditing feed into data analytics
• enable filtered logs in the Windows Event Viewer
• configure file system object auditing using Group Policy
• use encryption to protect data and monitor data access

Explore how data classification determines which security measures apply to varying classes of data. This 12-video course classifies data into a couple of main categories, internal data and sensitive data. You will learn to classify data by using Microsoft FSRM (File Server Resource Manager), a role service in Windows Server that enables you to manage and classify data stored on file servers. Learners will explore different tools used to safeguard sensitive information, such as data encryption. You will learn how to enable Microsoft BitLocker, a full volume encryption feature included with Microsoft Windows, to encrypt data at rest. An important aspect of data access governance is securing data that is being transmitted over a network, and you will learn to configure a VPN (virtual private network) using Microsoft System Center Configuration Manager. You will learn to configure a Custom Filtered Log View using MS Windows Event Viewer to track user access to a database. Finally, you will learn to audit file access on an MS Windows Server 2016 host.