Data Management Workshop Series

Data is the lifeblood of every organisation. Data is also a primary target for bad actors. How data is used, managed and secured is critical: either the organisation remains operational or it suffers a breach, data exfiltration or worse.

At the centre of all this is the data user.

This series of workshops by BMIT aims to provide participants with the knowledge and practical skills to manage data effectively.

Data Governance and Risk Management

Data management policy review / creation: In this workshop, we look at various policies that help the organisation’s data management needs; what a data management policy is and how it correlates with other policies.

Data risk assessment: This workshop looks at data risks from different perspectives: those related to the infrastructure where the data is stored to the actual flows of data – in use and in transit.

Data Flow and Access Control 

In this workshop we look at three important elements: Data flows, Access Control and Audit trails.

Data flows: Where is data being created, accessed and stored? With this information it is possible to identify all the attack surfaces from where data could be stolen or tampered with

Access Control Analysis: Now that you know where your data is, the next important question is who has access to it, do they have more access than necessary to do their job (least privilege), are they a ‘vulnerable’ user and at risk?

Audit trail analysis: What story does your data audit trail tell you about data movements and usage? Are audit logs properly retained? Are the proper processes in place?

Honey Pot

In this workshop we look at data management and risk management in action. Through the creation of decoy users – internal and external – with different levels of access, we explore data flows to identify data leakage events, test audit trails and their effectiveness, and the overall data management function.

Data Security Awareness Training

This tailored training focuses on security threats that specifically target an organisation’s data. From invoice scams and credentials theft to impersonation and AI threats, we explain how bad actors think and how to identify attacks targeting data.

Data Minimisation

When accessing data, the values or information contained within should only be visible to those authorised to see it. In this workshop, we discuss the appropriate data masking techniques and other data minimisation mechanisms.