View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. What Is
February 28, 2017

Data Classification Explained

In this CBR Tech Express, Danny Maher, Chief Technology Officer at HANDD Business Solutions, defines and explains data classification in five questions or less.

By Ellie Burns

CBR: What is data classification?

DM: Data Classification is the process that involves putting a key identifier, which could be a label or metatag, on your data and raises awareness to the end user. It ensures the correct handling and monitoring of sensitive information both in and outside of a business, a critical aspect when it comes to protecting an organisation’s most valuable data.

 

CBR: What sort of systems or software are used in data classification?

DM: Data encryption, data governance, forensic, data loss prevention, identity and access management and user and entity behavioural analytics are all solutions that can be enhanced or complimented by the use of data classification.

Data Classification Explained

Danny Maher, Chief Technology Officer at HANDD Business Solutions.

 

CBR: What are the main business benefits of data classification?

DM: Data classification provides many business benefits including:

Compliance:

All organisations must comply with governing bodies, internal audits and mandates of some shape or form, data classification enables easy identification of an organisation’s most sensitive data and by ensuring that it’s appropriately protected the risk of falling foul to many compliance mandates will be greatly reduced.

Increased performance of existing security technology:
  • Encryption: most organisations encrypt their data and by applying a metadata to sensitive content enables the organisation to focus on encryption of its most valuable assets.
  • Data classification can be used alongside data governance and forensic solutions to clean up legacy data and reduce storage costs by bulk classifying sensitive assets as they are discovered and to ensure they are protected and only retained as long as is necessary as per the specified requirements for GDPR.
  • Data Loss Prevention (DLP) tools can be enhanced by data classification as opposed to relying on the often-cumbersome process of creating rules. By adding a confidential label into the metadata, the DLP immediately knows that the data must not go off premise thus erasing the need to scan the entire content.
  • Security Policy Extension into Identity Access Management (IAM) – identifying your data and storage locations also allows the extension of your security policy into IAM solutions so that only those with permission rights can access the data.
End User Empowerment

Data classification brings security to the front of the organisation by empowering its users. Many data leaks could be avoided if a data classification solution is in place. Adding visual labels to headers and footers helps to raise end user awareness and assist them in becoming more security focused and avoid sharing sensitive content on USB’s or third party portals.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

 

CBR: Who in the organisation would be responsible for data classification?

DM: Typically, the responsibility for data classification would reside with the Chief Information Officer (CIO) or the Chief Information and Security Officer (CISO).

 

CBR: What impact will GDPR have on data classification?

DM: Another way of looking at it is what impact data classification will have on GDPR? Implementing a robust data classification strategy will be central to organisations complying with GDPR and is the perfect way to order and prioritise data based on its sensitivity be it finance or HR information or personal customer data. Using a “metadata tag” allows easy identification of data which in turn enables it to be appropriately protected and ensuring compliance.

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU