Data Classification – What are your crown jewels?

Information Security involves more than hardening your perimeter defenses. The core of your organization is your data – your crown jewels. In order to truly understand the heart of what you are protecting, your data can be “classified.” Peters & Associates can assist you through the process by performing a data classification workshop. During the workshop, you will identify data types, evaluate their storage, sensitivity, access controls and protection.

Step 1. Inventory (know what you have)

Step 2. Categorize (know your sensitivity)

Step 3. Control (implement safeguards)

As related to Information Security, data classification involves classifying data based on sensitivity. The data can be put in groups. Common classifications are confidential, private, sensitive and public. In addition to the obvious bank information, litigation data or medical records, data classification may also apply to the secret sauce of your organizational process. Each organization is different–therefore you will have your own requirements.

Government, Financial and Business classifications may not be the same. However, they share the same security objectives:

  • Confidentiality
  • Integrity
  • Availability

Additionally, the assignment of impact for each objective is required:

  • Low (limited adverse effect on the organization)
  • Moderate
  • High (severe or catastrophic adverse effect could mean the loss of confidentiality, integrity or availability that result in the inability of the core business functions, major financial loss or individual harm)

You, of course, would likely love to protect everything with the same level of security. But the time and effort to do that is not realistic. This pragmatic approach enables you to protect what is most critical to your business.

Peters & Associates understands the process can seem overwhelming. We have a dedicated team of consultants and Information Security practitioners that can assist you with putting together a plan to classify and protect your crown jewels. Contact us at info@peters.com to learn more – we are happy to help!

By |2019-05-13T14:05:52-05:00May 2nd, 2019|Security Solutions|0 Comments

About the Author:

Marcia serves as a senior project manager at Peters & Associates on the cutting edge of network technology. She works with her clients to assess, design and implement projects ranging from information security frameworks to on prem and cloud initiatives. With 25 years of experience in IT, she realizes financial advantages and user efficiencies for her clients by conceptualizing technical solutions for even their most complex business problems. Marcia has decades of experience managing technology adoption and compliance for the heavily regulated financial industry while delivering secure, resilient solutions on-time and on-budget. Marcia has leveraged a strong information security background to drive organizational compliance for customers as well as Peters & Associates own CompTIA Security Trustmark+. To pair with her extensive technical expertise, Marcia excels at communicating with both end users and executives alike.

Leave A Comment