Why a Data Flow Map Will Make Your Life Easier

Sunday, October 23, 2011

Brent Huston



It’s impossible to protect everything in your environment if you don’t know what’s there.

All system components and their dependencies need to be identified. This isn’t a mere inventory listing.

Adding the dependencies and trust relationships is where the effort pays off.

This information is useful in many ways:

  • If Server A is compromised incident responders can quickly assess what other components may have been affected by reviewing its trust relationships
  • Having a clear depiction of component dependencies eases the re-architecture process allowing for faster, more efficient upgrades
  • Creating a physical map in accordance with data flow and trust relationships ensures that components are not forgotten
  • Categorizing system functions eases the enclaving process

Don’t know where to start? It’s usually easiest to map one business process at a time. This enables everyone to better understand the current environment and data operations.

Once the maps are completed they must be updated peri-odically to reflect changes in the environment.

Click here to see an example of a Data Flow Map. The more you know, the better prepared you can be.

Cross-posted from State of Security

Possibly Related Articles:
Information Security
Network Security Systems Data Management Architecture SysAdmin Data Flow Map
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.