Answer:
Make a data flow diagram!
Data flow maps are a recognized method of tracing the flow of data through a process or physically through a network. A data flow diagram is a graphical representation of the "flow" of data through an information system that models its process aspects. A Data flow diagram will help you capture the main components of your information system, how data moves within the system, user-interaction points, and the authorization boundary.
Cybersecurity staff implementing data loss prevention products can also use data flow maps during the planning stages to identify the many types of secure data within their organization. The data flow map will depict sensitive information in all of its forms, origins, paths, exit points and storage locations. The map should show where sensitive information is processed, where it transits the organization's network and where it is stored. Protocols and encryption status of sensitive information should be also shown.
A good data flow map can be worked up from a baseline network diagram. This is a high-level diagram that depicts sites with symbols representing key network devices involved in sensitive information handling. Additional information applied to it should be thought of as overlays. For organizations where sensitive data is housed at multiple sites, bird's eye (high-level) and in-the-weeds (detailed) diagrams will be needed. This approach helps to make the flow of sensitive information more comprehensible without a high degree of abstraction.
-----------------------------
Learn more about Carly Souther's webinar 10 Steps to Cybersecurity Continuity & Compliance
print
share