Scenario — TrailBlaze Adventures Data Sprawl Problem
TrailBlaze Adventures has grown into a global digital travel company with large volumes of customer, operational, social, financial, and safety-related data distributed across many platforms and regions.
As the company expands, information assets are created and reused across business functions:
- Customer profiles contain identity information, passport details, emergency contacts, preferences, booking history, and payment references.
- Health and safety data includes allergies, medical conditions, fitness declarations, insurance details, and emergency-response notes.
- Location data is collected from GPS trackers, mobile apps, guide devices, and expedition safety systems.
- Rental data tracks equipment ownership, maintenance history, deposits, damage reports, and device assignments.
- Social platform content includes photos, videos, comments, private messages, community groups, and user reviews.
- Partner data includes guide contracts, local operator agreements, risk assessments, certifications, and incident reports.
Current situation
- Different regions use different file-sharing and cloud storage practices.
- Production customer data is sometimes copied into test environments.
- Marketing exports customer and social-platform data for campaign analytics.
- Guides download trip manifests onto mobile devices for offline use.
- Old trip records and GPS logs are retained indefinitely because nobody defined deletion rules.
Management concern
- Data is valuable for operations and personalization, but also creates privacy and safety risks.
- It is unclear who owns each data set and who decides retention or deletion.
- Backups exist, but restoration testing and encryption status are inconsistent.
- Several third-party platforms store copies of TrailBlaze data.
Management request: “Create an asset security approach that tells us what data we have, how sensitive it is, who owns it, how long we keep it, and how we protect it throughout its lifecycle.”
Student assignment
1
Investigate the case
Analyze the TrailBlaze scenario and identify key challenges related to asset security.
- Which information assets are most sensitive or business-critical?
- Which data sets require classification, labeling, or special handling?
- Who should own, steward, and technically protect each major data set?
- Where does data move across platforms, partners, regions, and devices?
- Which lifecycle stages create the highest risk: creation, storage, usage, sharing, archiving, or disposal?
2
Identify Domain 2 challenges
Group your findings under data classification, ownership, lifecycle management, storage security, retention, disposal, backups, and data protection controls.
3
Link challenges to Domain 2 concepts
Connect each identified challenge to CISSP Domain 2 concepts and explain why that concept is relevant for protecting TrailBlaze assets.
Deliverable: A structured list of at least 10 asset security challenges, each linked to one or more Domain 2 concepts.
Domain 2 challenges to investigate
Data Classification & Labeling
- No consistent classification scheme for customer, health, GPS, rental, and social data.
- Health and location data may require higher protection than general booking information.
- Exports used by marketing may lose classification labels and handling instructions.
Ownership & Responsibility
- Unclear data owners for customer profiles, GPS logs, and social content.
- IT operates systems but business units make unclear decisions about use and retention.
- Data stewards are not assigned to maintain quality and correct use.
Data Lifecycle Management
- Trip manifests are downloaded for offline use but not always removed after journeys.
- Old GPS logs and trip records are retained indefinitely without business justification.
- Production data is copied into test environments without masking or minimization.
Storage & Protection
- Cloud storage practices differ between regions and partners.
- Backup encryption and restoration testing are inconsistent.
- Mobile guide devices store sensitive data in remote environments with physical theft risk.
Sharing & Third Parties
- Local operators and guides receive personal data and trip information.
- Payment providers, analytics tools, and social integrations store copies of data.
- Data sharing lacks clear handling requirements and transfer controls.
Retention & Disposal
- No clear retention policy for medical declarations, emergency contacts, or incident reports.
- Old rental device data may remain on GPS trackers or mobile phones.
- Secure deletion and media sanitization procedures are not standardized globally.
Link challenges to Domain 2 concepts
Students must connect each identified challenge to CISSP Domain 2 concepts.
| Challenge | Domain 2 Concept | Explanation |
|---|---|---|
| No classification for health and location data | Data Classification / Information Sensitivity | Sensitive health and GPS data require stronger controls than ordinary marketing or booking data. |
| Unclear responsibility for customer records | Data Owner / Data Steward / Data Custodian | Ownership clarifies who decides classification, access, retention, quality, and technical protection. |
| Production data copied into test systems | Data Masking / Data Minimization | Testing should use masked or minimized data to reduce privacy and breach impact. |
| Guides download manifests for offline use | Secure Data Handling / Secure Storage | Offline copies require encryption, access control, deletion procedures, and device protection. |
| GPS logs retained indefinitely | Data Retention / Information Lifecycle Management | Retention rules should define how long location data is kept and when it is deleted. |
| Old rental devices still contain trip data | Media Sanitization / Secure Deletion | Devices must be wiped or sanitized before reuse, repair, return, or disposal. |
| Backups exist but are inconsistently protected | Backup Strategy / Storage Encryption | Backups must be encrypted, tested, protected, and aligned with recovery requirements. |
| Marketing exports personal data | Data Loss Prevention / Data Handling Policy | Exports create leakage risk and need handling rules, access controls, and monitoring. |
| Third-party platforms store TrailBlaze data | Data Governance / Secure Data Sharing | Data shared externally still requires classification, protection requirements, and accountability. |
| Social media content mixes public and private data | Information Labeling / Access Control | Different content types need clear visibility rules, labeling, and privacy-aware access controls. |
Learning outcomes
Outcome 1
Identify information assets
Recognize different types of organizational data and determine which assets are sensitive or business-critical.
Outcome 2
Apply classification
Use classification and labeling to determine appropriate handling and protection requirements.
Outcome 3
Manage lifecycle risk
Analyze risks across data creation, storage, usage, sharing, archiving, and disposal.
Outcome 4
Assign responsibility
Differentiate data owner, custodian, and steward responsibilities in practical organizational contexts.
Instructor tip
Use this case in three phases:
Phase 1
Inventory
Students identify and group TrailBlaze information assets.
Phase 2
Classify
Students assign sensitivity levels and define handling requirements.
Phase 3
Control
Students propose lifecycle controls, ownership, retention, and secure disposal measures.