The data-eccentric security is a method of protection that gives high preference to the safety of data and information instead of the security of servers, networks or applications. The data-eccentric security is continuously evolving as organizations depend upon digital information in an increasing rate to operate their business and huge data projects are becoming mainstream nowadays.
It enables enterprises to manage the disconnection between IT security technology and the objectives of business plans by relating security to the data that they protect directly. It secures a relation that is sometimes achieved by the presence of security.
The typical process in a data-eccentric security model is the ability to inspect data storage areas when they are not used to detect weak data. It includes the ability to define usage policies which will describe whether some data are editable, accessible or blocked form particular locations or users.
It is also able to defend against unauthorized use of data or data usage and stop sensitive data from being transferred to unauthorized locations or data. It also tracks the continuous monitoring of data usage to find meaningful distraction from usual behavior that might lead to possible malicious intention.
Looking on a technical sight the eccentric data security depends upon the implementation of these strategies: The data is self-defending and describing; the controls and policies that related to the business context; the information that is protected as it is transferred in and out of applications and storage systems and changing the meaning of the business; and the policies that function consistently via different defensive technologies and layers implemented.
The various technologies used in this security system are data access controls and policies, data encryption and data masking. Furthermore, the diversity and heterogeneity of cloud environments and services want fire grained access services and control policies which should be flexible enough to capture context, dynamic or attribute or credential based access demands and data protection.