Chapter 7 DXP Information Security

Table 7-1. (continued)

| Security Concern | Public | Private | Confidential |
| --- | --- | --- | --- |
| Storage | • Stored in normal storage | • Access-restricted storage<br>• Ensure continuous availability<br>• Data cannot be cached.<br>• Data cannot be transmitted as URL parameter or with HTTP GET request or as hidden fields. | • Stored in encrypted way<br>• Must be stored in nonreversible one-way hash method.<br>• Stored within a specific location and geography<br>• Ensure continuous availability<br>• Data cannot be cached. |
| Sharing | • Can be shared as-is | • Need permission from information owner for the storage.<br>• Transport level security<br>• Encrypted during sharing<br>• Bulk sharing not allowed | • Not shared |
| Destruction | | • Should be safely destroyed | • Should be safely destroyed |
| Auditing and logging | • Not needed | • All access events should be logged. | • All access events should be logged.<br>• Third-party audits should be conducted on a regular basis. |
| Archival and retention | • Must comply with legal regulations | • Need permission from information owner and must comply with legal regulations | • Need permission from information owner and must comply with legal regulations |
| Availability | | • Should have high availability | • Should have high availability |

(continued)
Building Digital Experience Platforms