Data Classification

Data Classification is about categorizing data into buckets to make it easier to retrieve, restrict access to, and protect. Data classification is important for businesses protect data according to its criticality or sensitivity. For example, companies need to protect HIPAA data differently that marketing campaigns.  Consequently, they should be placed into separate protective containers (folder, network segments, or applications) rather than co-mingled with company’s main file server user directories. By labeling and protecting information according to its categorizations, it helps employees access materials faster and helps ensure only authorized users may access protected data.  These categories should be used in concert with principle of Least Privilege to further protect your data.

Source: Varonis, TechTarget, Netwrix

Additional Reading: Google Releases SimCLR AI Framework That Can Classify Images With Limited Labeled Data

Related Terms: Confidentiality, Least Privilege, Sensitive Information

What does this mean for an SMB?

SMBs should have a policy on information handling which includes data classifications that it uses to protect sensitive and critical data.  This has the advantage of reducing the risk of accidental insider threats. These accidents happen when sensitive data is being mixed in with public data. For example, sensitive Personal Identifiable Information (PII), should not be in the same folders as marketing or financial materials. By following the principle of least privilege you can save yourself a big headache by reducing the likelihood that an employee accidentally shares sensitive information.  There are a handful of reasons why you should classify your data, so we broke it down for you: 

1. Identify critical and sensitive categories of information at your business (consider intellectual property, trade secrets, and regulated data – HIPAA, PCI etc).
2. Secure and lock down critical and sensitive data as prescribed in the Information Handling Policy.
3. Track and protect regulated data to comply with regulations like HIPAA, PCI, or GDPR.
4. Optimize search capabilities with data indexing.
5. Discover statistically significant patterns or trends inside data.
6. Optimize storage by identifying duplicate or stale data.

To learn more about Data Classification, watch this short 2 minute video:

https://www.youtube.com/watch?v=-oubxE9WdjI

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!

Sign Up Today!