Organizations use information classification to help users understand the security requirements around handling different types of information. In this video, learn information classification techniques, including assigning information to classification levels, labeling classified information, and proper information handling and disposal practices.
- [Narrator] Organizations use information classification…to help users understand the security requirements…around handling different types of information.…Data classification policies describe…the security levels of information used…in an organization and the process…for assigning information…to a particular classification level.…The different security categories or classifications…used by an organization determine the appropriate storage,…handling, and access requirements…for classified information.…
Security classifications are assigned…based upon both the sensitivity of the information…and the criticality of that information to the enterprise.…Classification schemes vary,…but all basically try to group information…into high, medium, and low sensitivity levels,…and differentiate between public and private information.…The military uses the familiar top secret,…secret, confidential, and unclassified scheme,…while a business might use friendlier terms…to accomplish the same goal.…
Data classification is extremely important…
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A completed Learning Path of the series will be available once all the courses are released.
- Understanding data security policies and roles
- Limiting data collection
- Developing security baselines
- Leveraging industry standards
- Restricting access to data with Windows and Linux file permissions
- Encrypting data
- Securing cloud storage