7 Data Classification Tips

Make data classification a part of your total security program.
1. Identify the risk and determine the financial impact of a breach.
2. Manage the risk and set defined policies for data classification.
3. Understand the regulatory issues in your industry.
4. Minimize the risk by implementing tools that can get the job done.
5. Deploy continuous monitoring and education.
6. Data classification software needs to be integrated with DLP and other security technologies.
7. Consider the deployment model.

{image 1}

Businesses spend millions of dollars on security technology such as firewalls, sandboxes and endpoint tools, but so many of the breaches have to do with poor policy enforcement and human error.

Greg Hoffer, vice president of engineering at Globalscape, adds that while his company offers secure file transfer software, companies really need to think about how data classification tools can help them find out how much PII they have in storage and set policies surrounding that data.

Todd Feinman, CEO of Identify Finder, an automated data classification company, adds that so often he and his team go into companies and the management has no idea how much data they have and how much of that data has PII or other sensitive information.

“So many IT managers tell me they simply have no idea,” Feinman says. “What I tell them is that they have to ‘know’ their data before they can try to protect it.”

Data classification tools can help companies get answers to these questions and help them set policies and train their employees so they can reduce their exposure to data leaking because of inconsistent policies and human error. In interviews with Hoffer and Feinman about data classification, Dark Reading developed seven tips for security managers to consider.

Next slide
Recommended Reading: