I published the following diary on isc.sans.org: “Data Classification For the Masses“.
Data classification isnâ€™t a brand new topic. For a long time, international organizations or military are doing “data classificationâ€. It can be defined as:
â€œA set of processes and tools to help the organization to know what data are used, how they are protected and what access levels are implementedâ€
Militaryâ€™s levels are well known: Top Secret, Secret, Confidential, Restricted, Unclassified.
But organizations are free to implement their own scheme and they are deviations. NATO is using: Cosmic Top Secret (CTS), NATO Secret (NS), NATO Confidential (NC) and NATO Restricted (NR). EU institutions are using: EU Top Secret, EU Secret, EU Confidential, EU Restricted. The most important is to have the right classification depending on your business… [Read more]