Thursday, March 28, 2024
HomeProtectThe Challenges of Data Classification

The Challenges of Data Classification

I recently had the opportunity to write an article for Help Net Security about the importance of establishing a data classification policy.

Enterprise collaboration systems, social media, mobile devices, and the cloud are great for innovation. However, they can quickly become a compliance headache for companies without proper policies and enforcement systems in place.

Companies with broadly-defined security protocols are missing out on an important owned asset – their existing data. Untagged data has the potential to become lost in data silos, undiscoverable and unprotected. On the other hand, data classification can allow an organization to exert better control over existing data. For example, using metatags is an excellent way to optimize retention programs and protect the flow of information.

In the article, I provide tips for organizations to implement a solid data protection program. These include:

  • Identify the most important data. Understand where this data is and classify it properly. This will allow you to set appropriate protection levels.
  • Trust and verify. Trust your end users to appropriately identify and classify sensitive data they’re creating, but verify that they are doing so.
  • Work with IT and the business from the start. Implement a standardized and repeatable process so that they will engage you as a project begins, rather than when it is the last step before launch.

Creating and enforcing a data protection program will operationalize an automated approach to tagging and classification. Taking these steps will help prevent data loss and make existing data discoverable.

To read more about how to implement an effective data protection program with governance and compliance policies, please visit Help Net Security.

To learn about how AvePoint can help simplify data protection and classification, please visit our website.

Dana S.
Dana S.
Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She is responsible for AvePoint’s privacy, data protection, and security programs. She manages a global team of subject matter experts that provide executive level consulting, research, and analytical support on current and upcoming industry trends, technology, standards, best practices, concepts, and solutions for risk management and compliance. Ms. Simberkoff is responsible for maintaining relationships with executive management and multiple constituencies both internal and external to the corporation, providing guidance on product direction, technology enhancements, customer challenges, and market opportunities. Ms. Simberkoff has led speaking sessions at data privacy and security events around the globe. She was featured in Forbes, writes a monthly column for CMSWire, and was highlighted in the CSO Online list of “12 Amazing Women in Security”. She is a current member of the Women Leading Privacy Advisory Board and a past member of the Education Advisory Board for the International Association of Privacy Professionals (IAPP). Ms. Simberkoff holds a BA from Dartmouth College and a JD from Suffolk University Law School. LinkedIn: www.linkedin.com/in/danalouisesimberkoff/en Twitter: http://www.twitter.com/danalouise

2 COMMENTS

  1. Great article, very comprehensive. What I have found that resonating recently with the market is automated classification being not only foundational to control, but important for business user productivity. The value of proper classification is compounded by automation in that it makes the application of the metadata non-intrusive plus the additive value of improved search, business process workflows, content grooming and records management. It is foundational in that it seeds more and more automation in the environment.

  2. We have customers commenting about how they tag historical data for their management of data retention. The software allows the IT staff to quickly and efficiently recognize data based upon their specific requirements by Organizational Units.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

More Stories