Data confidentiality is about protecting data against unintentional, unlawful, or unauthorized access, disclosure, or theft.
Confidentiality has to do with the privacy of information, including authorizations to view, share, and use it. Information with low confidentiality concerns may be considered "public" or otherwise not threatening if exposed beyond its intended audience. Information with high confidentiality concerns is considered secret and must be kept confidential to prevent identity theft, compromise of accounts and systems, legal or reputational damage, and other severe consequences.
Examples of data with high confidentiality concerns include:
- Social Security numbers - must remain confidential to prevent identity theft.
- Passwords - must remain confidential to protect systems and accounts.
The following are considered when managing data confidentiality:
- To whom data can be disclosed
- Whether laws, regulations, or contracts require data to remain confidential
- Whether data may only be used or released under certain conditions
- Whether data is sensitive by nature and would have a negative impact if disclosed
- Whether data would be valuable to those who aren't permitted to have it (e.g., hackers)
- Encrypt sensitive files.
Encryption is a process that renders data unreadable to anyone except those who have the appropriate password or key. By encrypting sensitive files (by using file passwords, for example), you can protect them from being read or used by those who are not entitled to do either.
- Manage data access.
Controlling confidentiality is, in large part, about controlling who has access to data. Ensuring that access is only authorized and granted to those who have a "need to know" goes a long way in limiting unnecessary exposure. Users should also authenticate their access with strong passwords and, where practical, two-factor authentication. Periodically review access lists and promptly revoke access when it is no longer necessary.
- Physically secure devices and paper documents.
Controlling access to data includes controlling access of all kinds, both digital and physical. Protect devices and paper documents from misuse or theft by storing them in locked areas. Never leave devices or sensitive documents unattended in public locations.
- Securely dispose of data, devices, and paper records.
When data is no longer necessary, it must be disposed of appropriately.
Sensitive data, such as Social Security numbers, must be securely erased to ensure that it cannot be recovered and misused.
Devices that were used for business purposes or that were otherwise used to store sensitive information should be destroyed or securely erased to ensure that their previous contents cannot be recovered and misused.
Paper documents containing sensitive information should be shredded rather than dumped into trash or recycling bins.
- Manage data acquisition.
When collecting sensitive data, be conscious of how much data is actually needed and carefully consider privacy and confidentiality in the acquisition process. Avoid acquiring sensitive data unless absolutely necessary; one of the best ways to reduce confidentiality risk is to reduce the amount of sensitive data being collected in the first place.
- Manage data utilization.
Confidentiality risk can be further reduced by using sensitive data only as approved and as necessary. Misusing sensitive data violates the privacy and confidentiality of that data and of the individuals or groups the data represents.
- Manage devices.
Computer management is a broad topic that includes many essential security practices. By protecting devices, you can also protect the data they contain. Follow basic cybersecurity hygiene by using anti-virus software, routinely patching software, whitelisting applications, using device passcodes, suspending inactive sessions, enabling firewalls, and using whole-disk encryption.