Organizations use information classification to help users understand the security requirements around handling different types of information. In this video, you will learn information classification techniques, including assigning information to classification levels, labeling classified information, and proper information handling and disposal practices.
- [Instructor] Organizations use information classification…to help users understand the security requirements…around handling different types of information.…Data classification policies describe the security levels…of information used in an organization and the process…for assigning information to…a particular classification level.…The different security categories or classifications…used by an organization determine the appropriate storage,…handling, and access requirements…for classified information.…
Security classifications are assigned based upon both the…sensitivity of information and the criticality…of that information to the enterprise.…Classification schemes vary but all basically try…to group information into high, medium, and low…sensitivity levels and differentiate between public…and private information.…For example, the military uses the familiar…top-secret, secret, confidential,…and unclassified classification scheme.…A business, on the other hand, might use friendlier…terms to accomplish the same goal using terms like…
Members who take all eight courses in the series will be prepared to take and pass the CISSP exam. Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Understanding data security policies and roles
- Limiting data collection
- Developing security baselines
- Leveraging industry standards
- Restricting access to data with Windows and Linux file permissions
- Encrypting data
- Securing cloud storage