It’s fair to say that within business it’s easy to assume that your customer knows everything. I think the customer may even go as far to say that they know everything too. However, one thing that was clear to me whilst at this year’s #infosec13 was a lack of understanding of what is meant by Data Classification.
There are a number of definitions to Data Classification provided by Wikipedia which are:
If you take a look at these you will see that there is relevance to all of it but at Boldon James we want to draw your attention to the fourth point ‘Assigning a level of sensitivity to classified information’ and more specifically:
‘Some corporations and non-government organizations also assign sensitive information to multiple levels of protection, either from a desire to protect trade secrets, or because of laws and regulations governing various matters such as personal privacy, sealed legal proceedings and the timing of financial information releases.’
We tend to think of ‘Top Secret’ classified information being a military thing only. Well it really isn’t, all of the content that we create on a daily basis has some form of sensitivity to it. This could be the spread sheet with your company’s sales figures and customer details on it, it could be your project plan when releasing a new product into the market, it could be the medical records your doctor holds. All of this information is crucial to business and it’s up to the content creators I.E you and me to ensure the integrity of your data.
This was the eye opener for me at Infosec13 and something that needs to be addressed and realised by content creators. Especially as more and more of us are creating new content every day which is creating more risk to businesses, especially if you are not labelling it.
Overall, the #Infosec13 show was a great experience with it being my first one and congratulations to @reallygrumpidad for winning £100 voucher from @ITGovernance in the Boldon James sweater competition.
#BoldonJames #Labelling #ElectronicRecordsManagement #InformationGovernance #ISO27001 #DataClassification #BYOD #ProtectiveMarking