Differences

This shows you the differences between two versions of the page.

--- exim4:email_classification [2016/11/25 11:42] – peter
+++ exim4:email_classification [2020/07/15 09:30] (current) – external edit 127.0.0.1
@@ Line 2: / Line 2: @@
 TODO
+identify - sensitive and high-value data
+discover - location and accessibility of sensitive data
+classify - data according to value to the organisation
+secure - employ security controls and protection measures
+monitor - measure and evolve security practices
+===== Identify Data =====
+First, you need to build a strong foundation of knowledge around your data, to understand exactly what you hold and the potential risks to its security.  identifying the types of data that are of greatest importance to the business, so you can pinpoint where you need to focus protection and controls.
+===== Discover =====
+Unknown data makes you vulnerable to attack.
+Cut retention costs, too, by disposing of redundant data
+You need to establish:
+what data you hold
+what is being collected
+what is being created
+where it's stored or located
+why you have it
+how sensitive it is, and
+who is accessing, using or sharing it.
+Data discovery examine file stores and databases, scanning for certain types of information, key words, criteria and classification metadata.
+===== Classify Data =====
+Data needs to be classified according to its importance or sensitivity to ensure data is appropriately controlled.  at the point of creating, editing, sending or saving.
+automate the process, and human input.
+who should have access to each type of data.
+decide how many categories you’ll have.  Aim for three or four such as Confidential, Internal only and Public.  category relating to information that’s subject to regulatory controls – such as EU GDPR, ITAR controlled or HIPAA/HITECH restricted.
+The EU General Data Protection Directive (Directive 95/46/EC) is designed to protect all personal data collected for, or about, citizens of the EU, in particular as it relates to processing, using, or exchanging data.
+The US Health Insurance Portability and Accountability Act (HIPAA) is intended to improve the efficiency of the U.S. health care system by encouraging the widespread use of electronic data.
+===== Secure Data =====
+Data loss prevention (DLP) solutions.  shield the business against intentional and accidental data loss by, for example, blocking employees from uploading a file marked ‘Confidential’ to Dropbox, or stopping a file containing credit card numbers from being emailed to a third party.
+Email gateways which will automatically encrypt any file marked ‘Confidential’.
+Discovery tools – enabling employees to rapidly locate information and understand instantly how it can be used.
+Security incident and event monitoring (SIEM) tools that pick up on potentially risky user behaviour before a breach occurs – flagging up, for example, if someone keeps copying sensitive documents to a storage device.
+Data governance - Who is accessing sensitive information, and who might be violating policy,
+Data retention.  Retention rules can also be set for different classifications.
+===== Email Classification =====
 To classify incoming and outgoing emails.
@@ Line 45: / Line 106: @@
 Where a message remains undelivered or unread after a set period of time, the message is forwarded onto a mailbox monitored 24 hours a day where action is guaranteed. Intended message recipients are sent a message explaining what has happened to the message.