Page 41 - Cyber Warnings
P. 41
Data Classification: Cybersecurity Within the Perimeter
By Stephane Charbonneau, CTO, TITUS
Organizations large and small across all industries understand the importance of cybersecurity
– loss of reputation, share price and consumer trust have become impossible to ignore. Security
comes in many forms, and organizations need strategies to address data safety on all fronts.
While traditionally, emphasis has been placed on perimeter security, companies are now seeing
the need to protect the data itself. Enter data classification.
There are usually several components involved in deploying technology security solutions,
including secure network gateways, data loss prevention systems and encryption.
But with the rapid explosion of mobile devices that can store gigabytes of data and the easy
access to cloud sync-and-share services, it is difficult for technology and IT teams to keep up
and ensure that users are not accidentally leaking sensitive information.
It is essential, therefore, that your users understand digital security risks and proper policies for
sharing information.
Fostering a culture of security requires a solution that will do three things:
1. Enforce security policies to protect users from their own mistakes,
2. Educate and remind users about data security, and
3. Empower users to take responsibility for data security.
Data classification solutions meet all three of these requirements. Classification applies the
email or document classifications as visual markings that clearly identify to the user the
sensitivity of the information.
Classification headers and footers in emails, documents, presentations and spreadsheets
ensure that users are always aware of the value of the information they are handling.
There can be no, “I didn’t know this was sensitive information” excuses, as the classification is
clearly visible on screen or when printed.
Many agencies want their users to be actively engaged in cybersecurity, even with the ability to
apply classification automatically based on a number of content, environment and contextual
variables.
They want their users to stop, think and consider the value of the information they are creating
and sharing. This modification to the users’ workflow is negligible from an efficiency perspective
but hugely influential from a security culture perspective.
41 Cyber Warnings E-Magazine – April 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
