Data Classification
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Video Transcription
00:00
>> Hi. Welcome to Module 2, Lesson 6.
00:00
In all of the previous lessons in this module,
00:00
we've been talking about all the different layers,
00:00
getting all the way down closer
00:00
and closer to the data layer,
00:00
and finally, in Lesson 6,
00:00
we're at the data layer.
00:00
This is a layer where everything
00:00
exists that we're actually trying to protect.
00:00
This is the actual data we're trying to protect.
00:00
We've been talking a lot about all of
00:00
the different components that we can put at
00:00
different layers to slow attackers
00:00
down as they're trying to get access to our data,
00:00
and now we'll talk about some
00:00
of the controls that we can put in
00:00
place directly against that data itself.
00:00
The first thing we can do is we can
00:00
establish a data classification scheme.
00:00
We need to identify what our critical data even is.
00:00
Data classification is just simply creating
00:00
a set of categories for
00:00
that data and putting them into
00:00
a hierarchical format so that we know
00:00
which data is more important than other data.
00:00
Classification should be marked.
00:00
There's a lot of ways you can mark
00:00
classifications within the data.
00:00
Let's say we're talking about the concept of
00:00
a word document, a text file,
00:00
some word processing document,
00:00
you can mark that data
00:00
in the metadata itself of the document.
00:00
Behind the scenes, you can tag that data with
00:00
metadata and tag that document with metadata,
00:00
and then you can have
00:00
tools that can read that metadata tag,
00:00
or you can put tags directly in the document itself.
00:00
Maybe you create a custom header or
00:00
footer and you create a process
00:00
in your organization that says,
00:00
every document that gets created in
00:00
this organization has to have this particular header,
00:00
and in that header is a keyword.
00:00
It's one of your classifications.
00:00
Now you can take your tools once you've done
00:00
that and you can point them at this data,
00:00
and they can start to sort some of it and
00:00
understand what the more critical
00:00
data is and what it's not.
00:00
But in some way, shape, or form,
00:00
you need to mark that data once you start to put
00:00
classifications in place so
00:00
that your tools can know what to do with it.
00:00
Just like everything else, this data classification
00:00
is going to need some periodic tuning.
00:00
When you create the classification to begin with,
00:00
maybe down the road there's some new set of data
00:00
that you didn't have
00:00
a classification for when you built it,
00:00
you may need to add another classification.
00:00
Oftentimes data is very
00:00
restricted at first and then over time,
00:00
the public starts to find out about it and it becomes
00:00
less restricted data so you can move that
00:00
down the classification ranks.
00:00
But it's important that you at least
00:00
review it periodically to make sure that
00:00
your classification structure still
00:00
makes sense for your business.
00:00
Some common examples of data classification.
00:00
We're not going to ever protect
00:00
every piece of data, nor should we.
00:00
Classification gives us that way
00:00
to determine which data do we
00:00
even care about protecting and
00:00
which data should we put more controls around.
00:00
The higher up the classification chain you go,
00:00
the less people that should have access to that data,
00:00
and the more security controls and
00:00
monitoring should be in
00:00
place to protect that particular data.
00:00
One classic example, so in the DoD or
00:00
military space might be unclassified,
00:00
confidential, secret, and top secret.
00:00
In the civilian world and in the public space,
00:00
you may have public,
00:00
internal, confidential, and restricted.
00:00
In this case, maybe public data
00:00
that's marketing material,
00:00
that's data for everybody to know.
00:00
Internal data might be just internal communications.
00:00
Maybe there's an all-hands meeting coming up and
00:00
the CEO wants to tell the company something,
00:00
and that might be classified as internal communications.
00:00
Maybe you're a managed
00:00
service provider and you actually hold
00:00
customer data that could be considered confidential data.
00:00
Then maybe you're developing
00:00
new technology that's going to have a huge impact on
00:00
the world and it's going
00:00
to become intellectual property that might be in
00:00
that restricted category where
00:00
only just a certain handful of
00:00
people should even know about it.
00:00
That wraps up our lesson on data classification.
00:00
Next up, we're going to go to Lesson 2.6.2,
00:00
where we're going to talk about DLP.
Up Next
Instructed By
Similar Content
