Sensitive data falls into three categories, personally identifiable information, business critical information, and classified information. Sensitive data needs to be protected and should have a protective measure in place to counter threats. Personally identifiable information can hold data like social security numbers, medical records, financial information, and driver’s license details and can cause serious impact if threat actors get their hands on it.
Let’s take cardholder data for example, which has data related to a credit or a debit card. If a threat actor gets your card’s information like cardholder’s name, expiration date, service code, pin number, and verification code, they can easily make purchases online.
This is why companies spend a lot of resources to encrypt specific data, implement multi-factor authentication, implement strong network security, and limit transmission requests. There are certain rules in place as well to protect these information like HIPPA (health insurance portability and accountability act) with guidelines to follow that analysts should be aware of.
HansITAcademy 