Achieving the Benefits of Data Classification on a Budget

Data classification is a term that is not usually associated with the small business.  It tends to invoke thoughts of a lot of red tape and inconvenience that small businesses tend to avoid.  In reality, some essential elements of data classification can be put in place at a small business with much less cost and effort than you might think.

The first step is to know what you have.  Gather a cross-section of the company including persons from different departments and job roles.  Brainstorm about the types of data that the company has and create a list.  Next, group each of the data types into one of the following categories based on the data types sensitivity and availability.  Sensitivity is concerned with the impact disclosure of the data to unauthorized persons would have and availability is concerned with the impact of lack of access to the data.

The simplest mapping would include four areas but I would recommend at least using a high, medium, low model with nine areas at a minimum and more for more complex environments.

  • High sensitivity, high availability
  • High sensitivity, low availability
  • Low sensitivity, high availability
  • Low sensitivity, low availability

Now that you have each data type in a category, label the categories and create a policy that outlines the data for each category and how it should be protected and then put together a plan to implement security controls that meet the requirements in the policy.

Share Button

3 thoughts on “Achieving the Benefits of Data Classification on a Budget

  1. Excellent post. I was checking continuously this blogs and I’m impressed! Very helpful information specially the remaining part 🙂 I care for such information much. I was looking for this particular info for a long time. Thanks for sharing.

    View Comment

Leave a Reply