A pharmaceutical company stores its proprietary drug formulas, which are considered trade secrets, on an internal file server. A security analyst is tasked with protecting this sensitive data from disclosure, even if an attacker or an unauthorized employee gains access to the server itself. Which of the following controls would be the MOST effective at achieving this specific goal?
Placing the server in a locked data center with biometric access
Encrypting the files containing the formulas
Isolating the server on its own network segment
Implementing strict access control lists (ACLs) on the file share
The most effective control to protect the confidentiality of data at rest, such as proprietary formulas on a server, is encryption. Even if an attacker or unauthorized user gains access to the file system, the encrypted data will remain unreadable without the proper decryption key. While physical security, access control lists (ACLs), and network segmentation are important layers of defense, they do not protect the data itself if those layers are breached. Encryption directly protects the data from unauthorized disclosure.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is encryption and how does it work?
Open an interactive chat with Bash
What are trade secrets, and why are they important?
Open an interactive chat with Bash
What are the risks of not encrypting sensitive company data?