Talk to us

Data Security

We'd love to Talk

Data Classification

When developing a data classification scheme, you should always consider, (CIA) confidentiality, integrity and availability, for all data held in the organisation.

Understanding the type of sensitive data your business processes, stores and transmits is key to remaining compliant with industry Frameworks.

If your business processes

• PII - Personal Identifiable Information

• SPII - Sensitive Personal Identifiable Information

• Credit / Debit Card Records

• Cardholder Data / Sensitive Authentication Data

• Customer Information

• Financial / Sales Data

• Commercially Sensitive

• Employee Records

• Medical / Patient Records

The purpose to establish a framework is for:

- classifying data based on its level of sensitivity.

- assign a value and level criticality to the business if data is lost.

- Incorporate the Data Classification principles into the internal Information Security Policy.

- Classification of data will determine baseline security controls for the protection of data.

Data Principles applies to records or:

- Data which is managed on a need to know principle basis.

- Data is assessed by the quantity of data which is stored, processed or transmitted.

- Data Management is aligned to the Data Protection 1998 rules.

  • Data Classification
  • Public
  • Confidential
  • Sensitive
  • Highly Sensitive
  • Definition
  • This information can be distributed in the public domain.
  • Business Confidential Information.
  • Business Sensitive information, about individuals or employee, Commercially Sensitive.
  • Financial or Commercially Sensitive Information.
  • Data Records
  • Public Websites, Sales Brochures, Marketing Material.
  • Business letters, Firstname, Lastname, Address, Postcode, Email. Tel/Mobile.
  • Firstname, Lastname, Address, Postcode, Email, DOB, Passport, Driving ID, National Insurance Numbers, Payroll Data, Bank Accounts Details, Trade Secrets.
  • Financial Records, Sales Transaction Data, Credit / Debit Card Records.
  • Data Type
  • -
  • PII - Personal Identifiable Information
  • SPII - Sensitive Personal Identifiable Information
  • PCI DSS - Payment Card Industry, Data Security Standard

© 2013 Digital Secures Limited | Designed and built by Digital Websites Limited