nss Cybersecurity As a Service
nss Privileged Access Management
nss MSP & ITSP Integrated Solutions
nss Data Security Management
nss Password Management for MSPs
nss Vulnerability Assessment & Management
nss Application Security Testing for Enterprise
nss Link Load Balancing, Wifi & SDWAN
nss Next-gen threat resilience
nss Document Security
nss Server Load Balancing, Secure GW, WAN Optimization
nss Email Archiving
nss PKI Solutions & Identity Services
nss Tiered Backup Storage
nss Physical / Virtual Backup & Disaster Recovery
nss Secure Critical Communications
nss SIEM & Log Management
nss Threat & Vulnerability Management Platform
PRODUCTS
PRODUCTS
Facebook Twitter Linkedin Youtube Rss
nss
nss
nss
nss
nss
nss
nss
nss
nss
nss
nss
nss
nss
nss
nss
nss
nss
nss

Boldon James. The 5 Steps to Effective Data Classification: Identify

Using data classification as part of a strategy to secure corporate data assets is sometimes referred to as ‘locking up the crown jewels’. But data security neither starts nor ends with the act of controlling access to information. Nor should a security policy be limited to protecting only the most valuable data; even less critical information can damage the business if it’s lost or leaked at the wrong time.

First, you need to build a strong foundation of knowledge around your data, to understand exactly what you hold and the potential risks to its security. Picture your organisation as the Tower of London. If you don’t know where your crown jewels (and less sparkly assets) are you’ll end up locking every door – or leaving the wrong doors open, exposing them to risk.

This process begins with identifying the types of data that are of greatest importance to the business, so you can pinpoint where you need to focus protection and controls.

Your most valuable and confidential data (your crown jewels) might include:

  • Data assets – such as the information on a CRM database
  • Business-critical documents including strategic plans and agreements
  • Documents or information that are subject to regulations
  • Intellectual property (IP), such as product designs and technical specs
  • Personal information – for instance employees’ details.

More often than not, however, a company’s most vulnerable point will not be its crown jewels; it’s likely they’ll already have been recognised and heavily protected. It’s the more everyday sensitive data that people don’t think about, like customer lists, contracts, or time sensitive documents such as company results and press releases that are most likely to be leaked or lost. This data must also be identified and protected.

A helpful way of determining the value of a piece of information – and the risks to be managed – is to think about the impact if it was leaked or lost. Would it harm the business, for example by damaging the brand, incurring a fine from the regulators (for breaching the EU GDPR, for example) or eroding competitive advantage? If it got into the public domain, would it expose your customers, partners or suppliers? Would it put an employee’s security or privacy at risk? Would you be breaching a contract?

Once you’ve defined the data that is most at risk, you can start to find out where your sensitive data is located.

Are you ready to move on to the next level?
Contact us
Facebook Twitter Linkedin Youtube Rss

NSS

Visitor Info

Operating System: -
IP Address: 3.149.213.209

Contact us

Emergency Disinfection
Copyright © NSS. All Rights Reserved.
website by 9AM