Tuesday, September 2, 2014

Chapter 2: IS Governance and Risk Management - Information Classification

Table 2-11 in the book is helpful for in-depth descriptions. Below is a basic view. 1 = most sensitive.

Commercial Businesses:
1. Confidential - if it got out, it could seriously affect the company
2. Private - potentially hurt the company
3. Sensitive - extra precautions to avoid accidental modification or deletion
4. Public - Still do not want it disclosed, but not at all detrimental

Military:
1. Top secret - could cause grave damage to national security
2. Secret - if disclosed, leads to security breach
3. Confidential - no one should know about it except people who need to
4. Sensitive but unclassified - minor security breach
5. Unclassified - No sensitive data here

These are just common models of information classification. There could be a lot of variance here depending on the company. Even whole systems should sometimes be classified, not just data. These classifications should exist no matter what form the data is in. Whether it's electronic, on paper, etc., it should all be treated in the same manner.
