Topics covered in this chapter

• This chapter explains why data security and privacy-related issues have become such critical considerations for any organization interested in publishing data services.
• It examines some of the major data security considerations that are critical for implementing a DaaS framework in real life. A suggested multi-layered approach for securing the DaaS Environment is also discussed.
• Key features of a comprehensive information risk management program that can mitigate risks to the DaaS program are also shown.
• Finally, this chapter provides a practical list of data security and privacy measures that can be deployed by any organization planning to set up DaaS operations.

In many respects, data security at most organizations can be compared to a continuously evolving battle between data providers and cyber criminals. The more a data provider takes measures to protect their data, the more hackers improve their ability to get in. Credit card information and personal identifiers such as SSN and health records are just too tempting. Organizations setting up DaaS operations need to realize that as data providers they are especially vulnerable. If a cyber criminal wants to obtain customers sensitive data published by a data provider badly enough, they probably will. The best thing to do for a data provider is to be ready to take proactive measures to protect their data assets. When a data breach happens, an organization ...