Databases are the central point for reviews conducted by the Office of Safeguards. Agencies use databases to store federal tax information (FTI), which is then retrieved by queries for use in applications, making the FTI accessible to end users through the application and, on the back-end component, to database administrators (DBAs). It is recommended that FTI be kept separate from other information to the maximum extent possible to avoid inadvertent disclosures. However, in situations where physical separation is impractical, Publication 1075, Tax Information Security Guidelines for Federal, State and Local Agencies (Pub. 1075), requires records to be clearly labeled to indicate that FTI is included in the record.

The Office of Safeguards has observed a wide range of database data element labeling practices while reviewing labeling and auditing procedures. Agencies are responsible for implementing audit logging of FTI, which includes identifying the data to be audited, creating audit logs as the data is accessed, and performing analytics and monitoring on those audit logs. The first step to effectively auditing FTI access is labeling the data properly upon receipt: if the data is not properly labeled, the auditing function cannot be configured to be compliant. Organized, consistently applied labeling helps the agency enforce access control on the data elements, identify what needs to be audited and logged, and identify the network components that are required to be in compliance with Pub. 1075.

In order to use a database to store FTI, the agency must meet the following mandatory requirements and apply them to each database that contains FTI:

1) Proper FTI Labeling

Agencies must determine and identify the FTI data they have and consistently apply labels to that data before it migrates into the agency's IT environment, in such a way that the data is easily identified even when commingled. In addition, the agency must maintain a data labeling legend or other explanation document that identifies the labeling methodology applied and allows a reviewer to quickly identify which data elements are FTI in an individual table or database.

In order to properly label data, agencies must first determine how the data is to be identified. Typically, this includes identifying the data at the entry point into the agency's environment. Data labeling can be accomplished in a variety of ways depending on the vendor. Although it is not a requirement to include source information in the labeling convention, this is strongly recommended in order to better track FTI throughout the IT environment. For example, one product allows data security to be configured based on sensitivity labels composed of a combination of levels, compartments, and groups, with the level being the sensitivity, the compartment indicating the type of data, and the group further separating the data (it can indicate the origin). Another product provides label-based access control (LBAC), which enforces access at the row and column levels.

Pub. 1075 does not prohibit FTI from being commingled with non-FTI data, provided the proper controls are in place. However, when data is commingled, it must be identified at the lowest level at which all data is FTI. For example, if data is commingled at the table level, e.g., a database comprising both FTI and non-FTI tables, the tables must be labeled so that it is readily apparent which tables contain FTI. If data is commingled within a table that includes both FTI and non-FTI data, the FTI data must be explicitly labeled and identified as such at the column, record, or data element level. Data elements must retain their labels throughout the data movement process, from the point the data is received to wherever it moves within the network. The labels must never be removed from the data.
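The following is an added illustration, not IRS guidance text or any vendor's implementation, of how the two mechanisms described above fit together: a column-level labeling legend that records which columns of a commingled table are FTI (and their source), and a simplified level/compartment/group label model that filters rows and decides which queries are written to an FTI audit log. The table, the legend, the label syntax ("LEVEL:COMPARTMENTS:GROUPS"), the user clearances and the sample case records are all constructed for the example; it uses only Python's built-in sqlite3.

```python
"""Label-driven row filtering, column checks and FTI audit logging for a table
that commingles FTI with non-FTI data.  Added illustration of the guidance
above, not IRS or vendor code; label syntax, legend and sample data are
constructed for the example."""
import sqlite3
from dataclasses import dataclass

# Sensitivity levels, lowest to highest (constructed ordering).
LEVELS = {"PUBLIC": 0, "SENSITIVE": 1, "FTI": 2}


@dataclass(frozen=True)
class Label:
    """level = sensitivity, compartments = type of data, groups = origin."""
    level: str
    compartments: frozenset
    groups: frozenset

    @classmethod
    def parse(cls, text):
        # Constructed wire format: "LEVEL:COMP1,COMP2:GROUP1,GROUP2"
        level, comps, grps = text.split(":")
        return cls(level, frozenset(filter(None, comps.split(","))),
                   frozenset(filter(None, grps.split(","))))

    def dominates(self, row):
        """A user label dominates a row label when its level is at least the
        row's, it holds every compartment on the row, and it shares a group
        with the row (so an IRS-only examiner does not see STATE-origin rows)."""
        return (LEVELS[self.level] >= LEVELS[row.level]
                and row.compartments <= self.compartments
                and (not row.groups or bool(row.groups & self.groups)))


SCHEMA = """
CREATE TABLE client_case (
    case_id INTEGER PRIMARY KEY, client_name TEXT, state_benefit REAL,
    irs_agi REAL, irs_refund REAL,      -- the two FTI columns
    row_label TEXT NOT NULL);           -- label of the whole record
-- Legend: identifies FTI at the column level and records its source.
CREATE TABLE data_label_legend (
    table_name TEXT, column_name TEXT, label TEXT, source TEXT,
    PRIMARY KEY (table_name, column_name));
CREATE TABLE fti_audit_log (
    ts TEXT DEFAULT CURRENT_TIMESTAMP, user_id TEXT, table_name TEXT,
    columns TEXT, rows_returned INTEGER, outcome TEXT);
"""
LEGEND = [("client_case", c, lbl, src) for c, lbl, src in [
    ("case_id", "NON-FTI", "STATE"), ("client_name", "NON-FTI", "STATE"),
    ("state_benefit", "NON-FTI", "STATE"), ("irs_agi", "FTI", "IRS"),
    ("irs_refund", "FTI", "IRS")]]
CASES = [  # constructed sample records; NULL IRS columns on the state-only row
    (1, "A. Adams", 410.00, 52000.0, 1200.0, "FTI:TAX:IRS"),
    (2, "B. Baker", 275.50, None, None, "SENSITIVE::STATE"),
    (3, "C. Clark", 0.00, 88000.0, 0.0, "FTI:TAX:IRS")]


def build_demo_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO data_label_legend VALUES (?,?,?,?)", LEGEND)
    conn.executemany("INSERT INTO client_case VALUES (?,?,?,?,?,?)", CASES)
    return conn


def labeled_select(conn, user_id, user_label, table, columns):
    """Return the requested columns for the rows the user's label dominates.
    Table and column names are validated against the legend before they are
    interpolated, so unlabeled (or attacker-supplied) identifiers are refused.
    The legend decides what is audited: every query touching an FTI column is
    logged, whether it is allowed or denied."""
    legend = dict(conn.execute(
        "SELECT column_name, label FROM data_label_legend WHERE table_name=?",
        (table,)).fetchall())
    unknown = set(columns) - set(legend)
    if not legend or unknown:
        raise ValueError(f"unlabeled table or columns: {table} {sorted(unknown)}")
    fti_touched = sorted(c for c in columns if legend[c] == "FTI")
    log = ("INSERT INTO fti_audit_log(user_id, table_name, columns, rows_returned,"
           " outcome) VALUES (?,?,?,?,?)")
    if fti_touched and LEVELS[user_label.level] < LEVELS["FTI"]:
        conn.execute(log, (user_id, table, ",".join(columns), 0, "DENIED"))
        conn.commit()
        raise PermissionError(f"{user_id} not cleared for FTI columns {fti_touched}")
    sql = f"SELECT {', '.join(columns)}, row_label FROM {table}"
    visible = [row[:-1] for row in conn.execute(sql)
               if user_label.dominates(Label.parse(row[-1]))]
    if fti_touched:
        conn.execute(log, (user_id, table, ",".join(columns), len(visible), "ALLOWED"))
        conn.commit()
    return visible


def audit_entries(conn):
    return conn.execute("SELECT user_id, columns, rows_returned, outcome "
                        "FROM fti_audit_log ORDER BY rowid").fetchall()


if __name__ == "__main__":
    db = build_demo_db()
    print(labeled_select(db, "state_clerk", Label.parse("SENSITIVE::STATE"),
                         "client_case", ["case_id", "client_name", "state_benefit"]))
    print(labeled_select(db, "irs_examiner", Label.parse("FTI:TAX:IRS"),
                         "client_case", ["case_id", "irs_agi"]))
    print(audit_entries(db))
```

Two design points follow the guidance directly: the legend, not the application code, is the single place that says which columns are FTI and where they came from, so a reviewer can read it to see what is labeled and what will be audited; and because the row label carries the origin as a group, a state-benefits clerk never receives any column of a record labeled FTI, while an examiner cleared only for IRS-origin data does not see state-origin records either. Real LBAC products implement dominance and auditing inside the database engine; the Python filter here only shows the rule.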