Carlam@Conceptsearching.com http://www.conceptsearching.com/wp/13998/ I am doing some research on auto-classification and would sincerely appreciate your input, thoughts, and insight. This is the third in a series on auto-classification. The other two postings are Auto-classification – Ha s it time come?
However, one thing that was clear to me whilst at this year’s #infosec13 was a lack of understanding of what is meant by Data Classification. There are a number of definitions to Data Classification provided by Wikipedia which are: Data classification (data management) Data classification (business intelligence) Classification (machine learning) , classification of data using machine learning algorithms Assigning a level of sensitivity to classified information If you take a look at these you will see that there is relevance to all of it but at Boldon James we want to draw your attention to the fourth point ‘Assigning a level of sensitivity to classified information’ and more specifically: ‘Some corporations and non-government organizations also assign sensitive information to multiple levels of protection, either from a desire to protect trade secrets, or because of laws and regulations governing various matters such as personal privacy, sealed legal proceedings and the timing of financial information releases
This is a strong argument for auto-classification tools that are capable of identifying potential sensitive or confidential content, regardless of where it resides. 100% fool-proof, of course not, but it can achieve a significant reduction in time to find all potential toxic data and most importantly, reduces organizational risk
Privacy impact assessment assumes that organizations have developed information governance best practices and systems that manage information life cycle processes including the classification and preservation of personally identifiable information
Having records management instruments (classification scheme, metadata model and security structure) developed and in use, which allow us to use structure to manage the chaotic information and records in our organizations, and by having records management professionals on board to both develop and manage these instruments for records, and non-records, is critical
IDR solutions can range from simple to complex, and have advanced significantly in the past few years, to address diverse processing needs based on form structure, data type, document classification, business rules, workflows and application integration requirements
The positives: this method counts on the participation of the audience it spurs wonderful debate colleagues view Records competencies differently The negatives: not everyone would know their architectural locations some colleagues don’t want to share too much it works well with folder classification; less well with metadata I find it very easy to transform my fractal into a qualitative report for management
Provide information classification based on risk exposure to the organization. Define minimum content and physical security access controls based on risk classification. Assign metadata and restrict access to sensitive content
For example, if you are automatically classifying documents, expect that the system will have unrecognized documents and be prepared to send those to an exception queue for manual classification. Consequently this is also a great opportunity to 'tune' the system by adding a classification technique to recognize this document type in the future
2 Comments - no search term matches found in comments.
Classify content using metadata related to the document where authors can add the metadata but the system has controls which allow the system to override the user’s classification if it is in question
1 Comment - no search term matches found in comments.
8403 Colesville Rd #1100Silver Spring, MD 20910USA
Phone: (301) 587-8202Toll free: (800) 477-2446Fax: (301) 587-2711Email: hello@aiim.org
JoinBenefitsLearn More
About UsTerms of Use