Classification and Control of information is at the core of information security. Before one can effectively secure information, one must know it is in need of protection and one must have in place a “structure” for managing who has access to it. This requires that, for every piece of information, someone—the information owner—must know where it is located and have authority to (i) “classify” the information in some “standardized” way and (ii) control access to it.
- Security Classifications - Security Classifications Information Owners determine the sensitivity of the information they “own.” In doing so, they follow a “standard” language that helps ensure that everyone will know how to protect the information they use in performing their professional duties. Many organizations classify information into three categories: Public Information Internal Use Only Information Restricted Information Public Information […]
SecureTheVillage Webinar: Information Classification and Control
Webinar Deck (PDF): Information Classification and Control
August 2, 2018: Stan’s Guest: Michael Gold, Partner, Jeffer, Mangels, Butler & Mitchell