Prevention in cybersecurity. This component of security focuses on preventing unauthorized access and protecting against attacks. Prevention should be top priority. Although monitoring is essential to track data access, it does not prevent unauthorized access and stealing of information.
Encryption ensures that even if unauthorized users gain access to data, they will not be able to read the data. A firewall protects against attacks. Change management also enables a formal procedure to manage changes in your systems.
Firewall - Putting a system behind a network-based firewall reduces threats from both internal and external access.
Encryption - Data encryption secures systems and their backups. Sensitive and high-value data should be encrypted where practically possible. Encryption can also be implemented on network traffic between systems to reduce the risk of data sniffing on the network.
Masking - Data masking for non-production systems prevents data exposure to developers, testers, and other non-production users. You can mask sensitive data with minimal modification to systems or processes which use the data. It is also important to mask sensitive data before moving it outside production systems; such as when producing test and analysis data.
