[SANS ISC Diary] Data Classification For the Masses

I published the following diary on isc.sans.org: “Data Classification For the Masses“.

Data classification isn’t a brand new topic. For a long time, international organizations or military are doing “data classification”. It can be defined as:

“A set of processes and tools to help the organization to know what data are used, how they are protected and what access levels are implemented”

Military’s levels are well known: Top Secret, Secret, Confidential, Restricted, Unclassified.

But organizations are free to implement their own scheme and they are deviations. NATO is using: Cosmic Top Secret (CTS), NATO Secret (NS), NATO Confidential (NC) and NATO Restricted (NR). EU institutions are using: EU Top Secret, EU Secret, EU Confidential, EU Restricted. The most important is to have the right classification depending on your business… [Read more]