Tag Archives: data classification
Classy Data (pt. 3) – Ownership and Risk
September 28, 2009 – 6:00 am
–
Security professionals proudly describe how they assign owners to their organizations’ data and those owners “assume the risk of any compromise of the data.” Give me a break! The owner is invariably some business-unit manager who just wants to get the job done. The manager will agree to…
Classy Data (pt. 2) – Context and Handling
September 13, 2009 – 9:52 pm
–
The category of a particular data item may have been carefully arrived at and cast in concrete, as it were. But data do not live in unchanging isolation, nor are they always used for the same purpose or in the same manner. …
Classy Data (pt. 1) – Categorization
August 3, 2009 – 6:00 am
–
How many times have you heard the following? “First classify the data into internal, confidential, secret, etc. This determines how the data should be handled. Then assign a data owner who must approve who has access to the data and what they can do with them. Oh, and by the way, the data owner…
How Deep in DLP Are You?
October 15, 2008 – 6:00 am
–
While every security tool a vendor advertises to or demonstrates for you is purportedly the silver bullet that saves your organization from drowning in a virtual sea of hackers, rogues and spies, data-leakage protection – or prevention (DLP) is one for which many electrons have been slain to…
RBAC For More
June 20, 2008 – 6:00 am
–
Organizations that face significant regulatory scrutiny — or have large numbers of disparate systems containing highly sensitive data — are most likely to have, or at least to need, Roles-Based Access Controls (RBAC). These organizations are usually trying to accomplish two ends by…