ISO/IEC 27001 Control 8.12: Data leakage prevention

Control

Data leakage prevention measures should be applied to systems, networks and any other devices that process, store or transmit sensitive information.

Necessity of MidPoint

MidPoint's contribution to implementation of this control is marginal.

Implementation of the control is mostly outside the scope of identity governance and administration (IGA), therefore midPoint cannot provide significant advantage. However, midPoint can still provide minor supporting information and functionality.

Implementation Overview

MidPoint can provide supporting information for data leakage prevention.

Implementation Details

Application inventory and information classification can provide information about the data that needs to be monitored for data leakage. Projection links can be used to track systems where person data were copied, which may help in selecting systems for data leakage monitoring.

Rationale

Data leakage prevention is almost completely out of scope of identity management. MidPoint can only provide supplementary information.

Was this page helpful?
YES NO
Thanks for your feedback