This is the third in a series on auto-classification. The other two postings are Auto-classification – Ha s it time come?
However, one thing that was clear to me whilst at this year’s #infosec13 was a lack of understanding of what is meant by Data Classification. There are a number of definitions to Data Classification provided by Wikipedia which are: Data classification (data management) Data classification (business intelligence) Classification (machine learning) , classification of data using machine learning algorithms Assigning a level of sensitivity to classified information If you take a look at these you will see that there is relevance to all of it but at Boldon James we want to draw your attention to the fourth point ‘Assigning a level of sensitivity to classified information’ and more specifically: ‘Some corporations and non-government organizations also assign sensitive information to multiple levels of protection, either from a desire to protect trade secrets, or because of laws and regulations governing various matters such as personal privacy, sealed legal proceedings and the timing of financial information releases
This is a strong argument for auto-classification tools that are capable of identifying potential sensitive or confidential content, regardless of where it resides. 100% fool-proof, of course not, but it can achieve a significant reduction in time to find all potential toxic data and most importantly, reduces organizational risk
Privacy impact assessment assumes that organizations have developed information governance best practices and systems that manage information life cycle processes including the classification and preservation of personally identifiable information
By automating digitization, document classification, and data extraction and enabling customers to work with their documents in our Generative AI-powered content platform Ripcord streamlines document-centric processes, accelerates recall, and simplifies compliance efforts
Having records management instruments (classification scheme, metadata model and security structure) developed and in use, which allow us to use structure to manage the chaotic information and records in our organizations, and by having records management professionals on board to both develop and manage these instruments for records, and non-records, is critical
IDR solutions can range from simple to complex, and have advanced significantly in the past few years, to address diverse processing needs based on form structure, data type, document classification, business rules, workflows and application integration requirements
The positives: this method counts on the participation of the audience it spurs wonderful debate colleagues view Records competencies differently The negatives: not everyone would know their architectural locations some colleagues don’t want to share too much it works well with folder classification; less well with metadata I find it very easy to transform my fractal into a qualitative report for management
Provide information classification based on risk exposure to the organization. Define minimum content and physical security access controls based on risk classification
For example, if you are automatically classifying documents, expect that the system will have unrecognized documents and be prepared to send those to an exception queue for manual classification. Consequently this is also a great opportunity to 'tune' the system by adding a classification technique to recognize this document type in the future
2 Comments - no search term matches found in comments.