SlideShare une entreprise Scribd logo

Classifying Data to Help Secure Business Information - Template fromMicrosoft

Télécharger en tant que DOCX, PDF
David J Rosenthal
David J Rosenthal
Technologie
1  sur  7
Work Smart by Microsoft IT Classifying and Protecting Your Business Information Customization note: This document is based on the experience of Microsoft IT and contains guidance and/or step-by-step instructions that can be reused, customized, or deleted entirely if they do not apply to your organization’s environment or installation scenarios. All forms of information, including ideas and concepts, have potential business value. Whether you are exchanging emails, sharing documents, or having a phone conversation, it is your responsibility to help protect your company’s confidential information. The greater the information’s value, the more security controls you should put in place to protect it. This guide provides an overview on how to properly classify business information and data according to the potential impact of unintentional disclosure: High, Moderate, and Low Business Impact. It also introduces some solutions that are available to help protect your information before you transmit, share, store, or dispose of it. Topics in this guide include: Classifying your information Protecting your information Classification and data dissemination guidelines Recommended security practices For more information
2 | Classifying and Protecting Your Business Information Classifying your information Information can be classified into three areas, according to the potential impact of its unintentional disclosure: High Business Impact (HBI), Moderate Business Impact (MBI), and Low Business Impact (LBI). Table 1. Information classifications HBI HBI applies to any information including emails, documents, messages and phone conversations that, if disclosed without authorization, could result in immediate, direct or considerable impact to the company, the information owner and customers. HBI information should only be shared with those on a “need-to-know” basis. HBI includes Highly Sensitive Personally Identifiable Information (HSPII). MBI MBI applies to information that, if disclosed, could cause indirect, limited impact the company, the asset’s owner and valued customers. MBI information should only be accessible to those people who have a legitimate business need to view the information. MBI includes Personally Identifiable Information (PII). LBI LBI classification applies to information assets that, if disclosed without authorization, could cause limited, or no material loss to the company, the asset owner, or relying parties. Important: The guidance provided in this document is for example purposes and every organization is unique. In the following sections, please be aware that your company’s HBI, MBI, and LBI information and data could require more or less restrictive classification levels. Classification of some common information types Below is table of guidelines that might be helpful in determining a type of data's classification level. Table 2. Guidelines to help determine data classification level Data includes the following info: HBI MBI LBI Email Address X Social Security Number X Documents regarding process or procedure X Private cryptographic keys X Username and Passwords X Publicly accessible information X Company trade secrets X Financial information related to revenue generation X List of Phone Numbers X Employee Zip Codes X Numeric ID sequences / PINs X
3 | Classifying and Protecting Your Business Information Tips:  Use the more restrictive classification if data falls into more than one classification level or if you are unsure of its classification.  Treat information as HBI if it does not have a classification, but is marked “confidential.” Important Notes:  It is your responsibility to understand the business value of your information and to apply the correct classification and protection.  Remove HBI or MBI information from your computer before retiring it or sending it offsite for repairs.  Remember to check your company policies as their classification levels may vary from the examples provided in the table above. Protecting your information Now that you know how to classify your information, you will learn what tools are available to ensure that your data is protected when it is sent, shared, stored, backed up, or deleted. This guide provides an overview of four technologies that can be used to help protect information.  Information Rights Management. An Office feature of Rights Management Services (RMS), IRM enables you to apply specific access permissions to documents, workbooks, and presentations to prevent unauthorized forwarding, printing, or copying; and to set expiration dates after which files no longer are available. More information about IRM is available at http://technet.microsoft.com/en-us/library/cc179103.aspx.  Secure/Multipurpose Internet Mail Extensions (S/MIME). With S/MIME you can encrypt and/or digitally sign your email messages. Encrypting your messages converts data with a cipher text so that only people who you specify can read it. Digitally signing an email message helps ensure that no tampering occurs while your message and its attachments are in transit. More information about S/MIME is included in the Message Encryption and Filtering topic at http://technet.microsoft.com/en- us/library/jj891023.aspx.  BitLocker Drive Encryption. BitLocker Drive Encryption is a data protection feature available in Windows Vista, Windows 7, and Windows 8. BitLocker encrypts the hard drives on your computer to provide enhanced protection against data theft or exposure on computers and removable drives that are lost, stolen, or decommissioned. More information about BitLocker is available at http://technet.microsoft.com/en- us/library/hh831713.aspx. BitLocker To Go provides drive encryption to prevent unauthorized access on your portable storage drives. This includes the encryption of USB flash drives, SD cards, external hard disk drives, and other removable drives formatted by using the NTFS, FAT, or exFAT file systems.
4 | Classifying and Protecting Your Business Information  Encrypted File System (EFS). If your computer is not BitLocker compatible, you can use Encrypted File System (EFS) to encrypt specific files and folders by using a certificate. EFS requires that users with whom you share information enter the appropriate decryption key before they can access the encrypted content. More information about EFS is available at http://windows.microsoft.com/en- us/windows/what-is-encrypting-file-system#1TC=windows-7. The following table provide some guidelines about which technology you should use to protect the HBI or MBI information that you transmit, share, or store on your computer: Table 3. Preferred technology used to transmit, share, and store business information IRM S/MIME EFS BitLocker Transmit with internal email Preferred Acceptable N/A N/A Transmit with external email Works only with other federated RMS organizations Preferred N/A N/A Share using SharePoint Online Preferred N/A N/A N/A Storing on computer Acceptable with BitLocker N/A Acceptable with BitLocker Required Storing on removable media Acceptable N/A Acceptable Preferred Notes:  Information about applying Information Rights Management to a list or library is available at http://office.microsoft.com/en-us/sharepoint-server-help/apply-information-rights- management-to-a-list-or-library-HA010154148.aspx  More information about Information Rights Management is available in “What’s New with Information Rights Management in SharePoint and SharePoint Online?” at http://blogs.office.com/2012/11/09/whats-new-with-information-rights-management-in- sharepoint-and-sharepoint-online/
5 | Classifying and Protecting Your Business Information Classification and data dissemination guidelines The following table provides some classification-level guidelines for sending, sharing, storing, backing up, and disposing of business information. Table 4. Guidelines for sending, sharing, storing, backing up, and disposing of business information Action HBI MBI LBI Send data (via file transfer or email)  Requires asset owner approval to forward, export, or copy.  Requires encryption for internal and external delivery.  Requires encryption with S/MIME or IRM for email.  Requires encryption for transfer outside of organization.  Requires encryption with S/MIME for email sent outside the corporate network. No special requirements. Share (via O365 SharePoint Online)  Use IRM to restrict forwarding, copying, and printing.  Restrict permissions to those identified by asset owner.  Requires formal agreement, which legal approves, for third parties, such as business partners.  Restricts permissions to those with legitimate business needs only.  Requires formal agreement, which legal approves, for third parties, such as business partners. No special requirements. Store (server, PC, CD, USB)  Requires encryption (BitLocker).  Allows storage on handheld devices only if device supports strong encryption and authentication security controls.  May require encryption (as determined by the asset owner). No special requirements. Back up  Performed only by authorized personnel and stored only at a location approved by IT Security.  Encrypt storage media.  Store in a physically secure location in which backups are logged and access is controlled and monitored. No special requirements. Dispose of  Cross-shred or incinerate paper documents.  Destroy tapes and other magnetic media. Request that hard disk drives be destroyed.  Follow your organization policies for the appropriate disposal of retired hardware and media.  Cross-shred or incinerate paper documents.  Destroy tapes and other magnetic media.  Remove data on hard disks that you plan to reuse or retire.  Destroy inoperable hard disk drives. No special requirements.
6 | Classifying and Protecting Your Business Information Recommended security practices Use the Microsoft Office System Document Inspector If you plan to share an electronic copy of a Microsoft Office Word document with clients or colleagues, it is a good idea to review the document for hidden data or personal information that might be stored in the document itself or in the document properties (metadata). Document Inspector is a built-in tool that can be used to scan your data before sharing it with others. For more information on how to use Document Inspector, see Remove hidden data and personal information by inspecting documents at http://office.microsoft.com/en-us/word- help/remove-hidden-data-and-personal-information-by-inspecting-documents- HA010354329.aspx. Guard confidential information Do not discuss confidential information in public places. Beware of multiple network connections Never concurrently connect your computer to your corporate network and the Internet, or any other network that your company does not manage. This compromises your company's network security. Review list of group recipients Think globally before posting any content. Before you send or reply to email, post to Yammer, One Drive, or any another social website, or post data to SharePoint, make sure that the information is appropriate for disclosure to everyone who has access to the email or website. Use Outlook Web Access Use Outlook Web Access (OWA) to check your email from your home computer. Be careful if you access corporate resources by using kiosks and other public locations, even though OWA, as key strokes may be monitored if the public network does not have the correct configuration. Do not leave documents or presentations unattended Remove all documents after meetings, and erase whiteboards. Beware of posting on walls or bulletin boards If your document is HBI, do not post it in hallways or on bulletin boards.
7 | Classifying and Protecting Your Business Information For more information This guide provides foundational knowledge to help you make better decisions about securing your data. Other guides are available to teach you how to help protect your information. Visit the Modern IT Experience featuring IT Showcase at http://microsoft.com/microsoft-IT and search for the following Work Smart titles:  Securing your business information  Secure collaboration using SharePoint Online  Securing your computer  Protecting data with Windows 8 BitLocker The following content may be of interest to you as well:  Introduction to IRM for email messages http://office.microsoft.com/en-us/outlook-help/introduction-to-irm-for-email- messages-HA102749366.aspx  Video: Getting Started with Encrypting File System in Windows 7 http://technet.microsoft.com/en-us/windows/how-do-i-get-started-with-the- encrypting-file-system-in-windows-7.aspx  International Data Protection Standards http://download.microsoft.com/download/B/8/2/B8282D75-433C-4B7E-B0A0- FFA413E20060/international_privacy_standards.pdf  Work Smart by Microsoft IT http://aka.ms/customerworksmart This guide is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT. © 2014 Microsoft Corporation. All rights reserved.

Recommandé

Top 10 Best Practices for Implementing Data Classification
Top 10 Best Practices for Implementing Data ClassificationTop 10 Best Practices for Implementing Data Classification
Top 10 Best Practices for Implementing Data ClassificationWatchful Software
 
Data classification-policy
Data classification-policyData classification-policy
Data classification-policyCoi Xay
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
 
CollabDays NL 2023 - Protect and govern your sensitive data with Microsoft Pu...
CollabDays NL 2023 - Protect and govern your sensitive data with Microsoft Pu...CollabDays NL 2023 - Protect and govern your sensitive data with Microsoft Pu...
CollabDays NL 2023 - Protect and govern your sensitive data with Microsoft Pu...Jasper Oosterveld
 
Data Loss Prevention in Office 365
Data Loss Prevention in Office 365Data Loss Prevention in Office 365
Data Loss Prevention in Office 365CloudFronts Technologies LLP.
 
Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 ComplianceDavid J Rosenthal
 
Data Classification Presentation
Data Classification PresentationData Classification Presentation
Data Classification PresentationDerroylo
 
General data protection
General data protectionGeneral data protection
General data protectionBrijeshR3
 

Recommandé

Top 10 Best Practices for Implementing Data Classification
Top 10 Best Practices for Implementing Data ClassificationTop 10 Best Practices for Implementing Data Classification
Top 10 Best Practices for Implementing Data ClassificationWatchful Software
 
Data classification-policy
Data classification-policyData classification-policy
Data classification-policyCoi Xay
 
Enabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEnabling Data Governance - Data Trust, Data Ethics, Data Quality
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
 
CollabDays NL 2023 - Protect and govern your sensitive data with Microsoft Pu...
CollabDays NL 2023 - Protect and govern your sensitive data with Microsoft Pu...CollabDays NL 2023 - Protect and govern your sensitive data with Microsoft Pu...
CollabDays NL 2023 - Protect and govern your sensitive data with Microsoft Pu...Jasper Oosterveld
 
Data Loss Prevention in Office 365
Data Loss Prevention in Office 365Data Loss Prevention in Office 365
Data Loss Prevention in Office 365CloudFronts Technologies LLP.
 
Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 ComplianceDavid J Rosenthal
 
Data Classification Presentation
Data Classification PresentationData Classification Presentation
Data Classification PresentationDerroylo
 
General data protection
General data protectionGeneral data protection
General data protectionBrijeshR3
 
18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure IslandsSecure Islands - Data Security Policy
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
 
Comparing Approaches to Data Governance
Comparing Approaches to Data GovernanceComparing Approaches to Data Governance
Comparing Approaches to Data GovernanceDATAVERSITY
 
Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondOffice 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondPriyanka Aash
 
Data Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRData Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRIT Governance Ltd
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityDrew Madelung
 
Managing Personally Identifiable Information (PII)
Managing Personally Identifiable Information (PII)Managing Personally Identifiable Information (PII)
Managing Personally Identifiable Information (PII)KP Naidu
 
Information classification
Information classificationInformation classification
Information classificationHoward Diesel (CDMP BI, DW, DBA, Msc Elec Eng)
 
LGPD Privacy by Design 30nov2022.pdf
LGPD Privacy by Design 30nov2022.pdfLGPD Privacy by Design 30nov2022.pdf
LGPD Privacy by Design 30nov2022.pdfFernando Nery
 
Data protection
Data protectionData protection
Data protectionRaviPrashant5
 
BigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesBigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesDimitri Sirota
 
Data Privacy and Data Protection: Rotary’s Compliance with GDPR
Data Privacy and Data Protection: Rotary’s Compliance with GDPRData Privacy and Data Protection: Rotary’s Compliance with GDPR
Data Privacy and Data Protection: Rotary’s Compliance with GDPRRotary International
 
Gdpr overview ciso platform presentation
Gdpr overview ciso platform presentationGdpr overview ciso platform presentation
Gdpr overview ciso platform presentationPriyanka Aash
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
GDPR Demystified
GDPR DemystifiedGDPR Demystified
GDPR DemystifiedSPIN Chennai
 
Introduction to data protection
Introduction to data protectionIntroduction to data protection
Introduction to data protectionRachel Aldighieri
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionRobert Crane
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...☁️ Gustavo Magella
 
HIPAA Basics
HIPAA BasicsHIPAA Basics
HIPAA BasicsKarna *
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDrew Madelung
 
Walmart-Mattel: Supply Chanin Management Best Practices
Walmart-Mattel: Supply Chanin Management Best PracticesWalmart-Mattel: Supply Chanin Management Best Practices
Walmart-Mattel: Supply Chanin Management Best PracticesShree Harsha
 
BlogWell New York Social Media Case Study: Walmart, presented by Lisa Thurber
BlogWell New York Social Media Case Study: Walmart, presented by Lisa ThurberBlogWell New York Social Media Case Study: Walmart, presented by Lisa Thurber
BlogWell New York Social Media Case Study: Walmart, presented by Lisa ThurberSocialMedia.org
 

Contenu connexe

Tendances

General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
 
Comparing Approaches to Data Governance
Comparing Approaches to Data GovernanceComparing Approaches to Data Governance
Comparing Approaches to Data GovernanceDATAVERSITY
 
Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondOffice 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondPriyanka Aash
 
Data Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRData Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRIT Governance Ltd
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityDrew Madelung
 
Managing Personally Identifiable Information (PII)
Managing Personally Identifiable Information (PII)Managing Personally Identifiable Information (PII)
Managing Personally Identifiable Information (PII)KP Naidu
 
LGPD Privacy by Design 30nov2022.pdf
LGPD Privacy by Design 30nov2022.pdfLGPD Privacy by Design 30nov2022.pdf
LGPD Privacy by Design 30nov2022.pdfFernando Nery
 
BigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesBigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesDimitri Sirota
 
Data Privacy and Data Protection: Rotary’s Compliance with GDPR
Data Privacy and Data Protection: Rotary’s Compliance with GDPRData Privacy and Data Protection: Rotary’s Compliance with GDPR
Data Privacy and Data Protection: Rotary’s Compliance with GDPRRotary International
 
Gdpr overview ciso platform presentation
Gdpr overview ciso platform presentationGdpr overview ciso platform presentation
Gdpr overview ciso platform presentationPriyanka Aash
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
Introduction to data protection
Introduction to data protectionIntroduction to data protection
Introduction to data protectionRachel Aldighieri
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionRobert Crane
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...☁️ Gustavo Magella
 
HIPAA Basics
HIPAA BasicsHIPAA Basics
HIPAA BasicsKarna *
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDrew Madelung
 

Tendances (20)

18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...
 
Comparing Approaches to Data Governance
Comparing Approaches to Data GovernanceComparing Approaches to Data Governance
Comparing Approaches to Data Governance
 
Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondOffice 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
Office 365 Security: Top Priorities for 30 Days, 90 Days and Beyond
 
Data Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRData Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPR
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & Sensitivity
 
Managing Personally Identifiable Information (PII)
Managing Personally Identifiable Information (PII)Managing Personally Identifiable Information (PII)
Managing Personally Identifiable Information (PII)
 
Information classification
Information classificationInformation classification
Information classification
 
LGPD Privacy by Design 30nov2022.pdf
LGPD Privacy by Design 30nov2022.pdfLGPD Privacy by Design 30nov2022.pdf
LGPD Privacy by Design 30nov2022.pdf
 
Data protection
Data protectionData protection
Data protection
 
BigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesBigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar Slides
 
Data Privacy and Data Protection: Rotary’s Compliance with GDPR
Data Privacy and Data Protection: Rotary’s Compliance with GDPRData Privacy and Data Protection: Rotary’s Compliance with GDPR
Data Privacy and Data Protection: Rotary’s Compliance with GDPR
 
Gdpr overview ciso platform presentation
Gdpr overview ciso platform presentationGdpr overview ciso platform presentation
Gdpr overview ciso platform presentation
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slides
 
GDPR Demystified
GDPR DemystifiedGDPR Demystified
GDPR Demystified
 
Introduction to data protection
Introduction to data protectionIntroduction to data protection
Introduction to data protection
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information Protection
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
 
HIPAA Basics
HIPAA BasicsHIPAA Basics
HIPAA Basics
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss Prevention
 

En vedette

Walmart-Mattel: Supply Chanin Management Best Practices
Walmart-Mattel: Supply Chanin Management Best PracticesWalmart-Mattel: Supply Chanin Management Best Practices
Walmart-Mattel: Supply Chanin Management Best PracticesShree Harsha
 
BlogWell New York Social Media Case Study: Walmart, presented by Lisa Thurber
BlogWell New York Social Media Case Study: Walmart, presented by Lisa ThurberBlogWell New York Social Media Case Study: Walmart, presented by Lisa Thurber
BlogWell New York Social Media Case Study: Walmart, presented by Lisa ThurberSocialMedia.org
 
IDENTIFICATION OF SOURCES OF INFORMATION, SEARCHING AND CLASSIFYING INFORMATION
IDENTIFICATION OF SOURCES OF INFORMATION, SEARCHING AND CLASSIFYING INFORMATIONIDENTIFICATION OF SOURCES OF INFORMATION, SEARCHING AND CLASSIFYING INFORMATION
IDENTIFICATION OF SOURCES OF INFORMATION, SEARCHING AND CLASSIFYING INFORMATIONSuneal Saini
 
P& G case study analysis
P& G case study analysis P& G case study analysis
P& G case study analysis r-dilara
 
Mis case study - Procter & Gamble
Mis case study - Procter & GambleMis case study - Procter & Gamble
Mis case study - Procter & GambleNightfurry Faysal
 
p&g marketing strategies
p&g marketing strategiesp&g marketing strategies
p&g marketing strategiesritulakhotia
 

En vedette (8)

Walmart-Mattel: Supply Chanin Management Best Practices
Walmart-Mattel: Supply Chanin Management Best PracticesWalmart-Mattel: Supply Chanin Management Best Practices
Walmart-Mattel: Supply Chanin Management Best Practices
 
BlogWell New York Social Media Case Study: Walmart, presented by Lisa Thurber
BlogWell New York Social Media Case Study: Walmart, presented by Lisa ThurberBlogWell New York Social Media Case Study: Walmart, presented by Lisa Thurber
BlogWell New York Social Media Case Study: Walmart, presented by Lisa Thurber
 
IDENTIFICATION OF SOURCES OF INFORMATION, SEARCHING AND CLASSIFYING INFORMATION
IDENTIFICATION OF SOURCES OF INFORMATION, SEARCHING AND CLASSIFYING INFORMATIONIDENTIFICATION OF SOURCES OF INFORMATION, SEARCHING AND CLASSIFYING INFORMATION
IDENTIFICATION OF SOURCES OF INFORMATION, SEARCHING AND CLASSIFYING INFORMATION
 
P& G case study analysis
P& G case study analysis P& G case study analysis
P& G case study analysis
 
Mis case study - Procter & Gamble
Mis case study - Procter & GambleMis case study - Procter & Gamble
Mis case study - Procter & Gamble
 
Operation Management for Walmart
Operation Management for WalmartOperation Management for Walmart
Operation Management for Walmart
 
p&g marketing strategies
p&g marketing strategiesp&g marketing strategies
p&g marketing strategies
 
Procter and gamble (P&G)
Procter and gamble (P&G)Procter and gamble (P&G)
Procter and gamble (P&G)
 

Similaire à Classifying Data to Help Secure Business Information - Template fromMicrosoft

Securing Business-Information from Microsoft -Presented by Atidan
Securing Business-Information from Microsoft -Presented by AtidanSecuring Business-Information from Microsoft -Presented by Atidan
Securing Business-Information from Microsoft -Presented by AtidanDavid J Rosenthal
 
Data Lost Prevention (DLP).pdf
Data Lost Prevention (DLP).pdfData Lost Prevention (DLP).pdf
Data Lost Prevention (DLP).pdfAgusto Sipahutar
 
The Financial Balance Sheet Part I This slidesh.docx
The Financial Balance Sheet Part I This slidesh.docxThe Financial Balance Sheet Part I This slidesh.docx
The Financial Balance Sheet Part I This slidesh.docxarnoldmeredith47041
 
08. icv sastanak (microsoft) nikola office 2013
08. icv sastanak (microsoft) nikola office 201308. icv sastanak (microsoft) nikola office 2013
08. icv sastanak (microsoft) nikola office 2013Menadžment Centar Beograd
 
08. ICV sastanak (Microsoft) Nikola Šoškić OFFICE 2013
08. ICV sastanak (Microsoft) Nikola Šoškić OFFICE 201308. ICV sastanak (Microsoft) Nikola Šoškić OFFICE 2013
08. ICV sastanak (Microsoft) Nikola Šoškić OFFICE 2013Menadžment Centar Beograd
 
Protecting Data Privacy Beyond the Trusted System of Record
Protecting Data Privacy Beyond the Trusted System of RecordProtecting Data Privacy Beyond the Trusted System of Record
Protecting Data Privacy Beyond the Trusted System of RecordCor Ranzijn
 
Trusted information protection
Trusted information protection Trusted information protection
Trusted information protection Pablo Junco
 
Top 5 Ways How Accounting Firms Can Protect Their Client Data
Top 5 Ways How Accounting Firms Can Protect Their Client Data Top 5 Ways How Accounting Firms Can Protect Their Client Data
Top 5 Ways How Accounting Firms Can Protect Their Client Data Avni Rajput
 
Share point encryption
Share point encryptionShare point encryption
Share point encryptioncsmith2009
 
Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Albert Hoitingh
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!Caroline Johnson
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataOnline Business
 
The Role of Password Management in Achieving Compliance
The Role of Password Management in Achieving ComplianceThe Role of Password Management in Achieving Compliance
The Role of Password Management in Achieving CompliancePortalGuard
 
How to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfHow to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfV2Infotech1
 
How to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxHow to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxV2Infotech1
 

Similaire à Classifying Data to Help Secure Business Information - Template fromMicrosoft (20)

Securing Business-Information from Microsoft -Presented by Atidan
Securing Business-Information from Microsoft -Presented by AtidanSecuring Business-Information from Microsoft -Presented by Atidan
Securing Business-Information from Microsoft -Presented by Atidan
 
Data Lost Prevention (DLP).pdf
Data Lost Prevention (DLP).pdfData Lost Prevention (DLP).pdf
Data Lost Prevention (DLP).pdf
 
The Financial Balance Sheet Part I This slidesh.docx
The Financial Balance Sheet Part I This slidesh.docxThe Financial Balance Sheet Part I This slidesh.docx
The Financial Balance Sheet Part I This slidesh.docx
 
08. icv sastanak (microsoft) nikola office 2013
08. icv sastanak (microsoft) nikola office 201308. icv sastanak (microsoft) nikola office 2013
08. icv sastanak (microsoft) nikola office 2013
 
08. ICV sastanak (Microsoft) Nikola Šoškić OFFICE 2013
08. ICV sastanak (Microsoft) Nikola Šoškić OFFICE 201308. ICV sastanak (Microsoft) Nikola Šoškić OFFICE 2013
08. ICV sastanak (Microsoft) Nikola Šoškić OFFICE 2013
 
Is It Possible to Prevent Data Leaks in an Effective Manner.pdf
Is It Possible to Prevent Data Leaks in an Effective Manner.pdfIs It Possible to Prevent Data Leaks in an Effective Manner.pdf
Is It Possible to Prevent Data Leaks in an Effective Manner.pdf
 
Responsible for information
Responsible for informationResponsible for information
Responsible for information
 
Term assignment
Term assignmentTerm assignment
Term assignment
 
Protecting Data Privacy Beyond the Trusted System of Record
Protecting Data Privacy Beyond the Trusted System of RecordProtecting Data Privacy Beyond the Trusted System of Record
Protecting Data Privacy Beyond the Trusted System of Record
 
Trusted information protection
Trusted information protection Trusted information protection
Trusted information protection
 
Top 5 Ways How Accounting Firms Can Protect Their Client Data
Top 5 Ways How Accounting Firms Can Protect Their Client Data Top 5 Ways How Accounting Firms Can Protect Their Client Data
Top 5 Ways How Accounting Firms Can Protect Their Client Data
 
Share point encryption
Share point encryptionShare point encryption
Share point encryption
 
Siem requirement.pdfsd
Siem requirement.pdfsdSiem requirement.pdfsd
Siem requirement.pdfsd
 
Can You Tell Me About Some Effective Ways to Prevent Data Leakage?
Can You Tell Me About Some Effective Ways to Prevent Data Leakage?Can You Tell Me About Some Effective Ways to Prevent Data Leakage?
Can You Tell Me About Some Effective Ways to Prevent Data Leakage?
 
Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021Global Security and Compliance Community conference 2021
Global Security and Compliance Community conference 2021
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdata
 
The Role of Password Management in Achieving Compliance
The Role of Password Management in Achieving ComplianceThe Role of Password Management in Achieving Compliance
The Role of Password Management in Achieving Compliance
 
How to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdfHow to Secure Data Privacy in 2024.pdf
How to Secure Data Privacy in 2024.pdf
 
How to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptxHow to Secure Data Privacy in 2024.pptx
How to Secure Data Privacy in 2024.pptx
 

Plus de David J Rosenthal

Microsoft Teams Phone - Calling Made Simple
Microsoft Teams Phone - Calling Made SimpleMicrosoft Teams Phone - Calling Made Simple
Microsoft Teams Phone - Calling Made SimpleDavid J Rosenthal
 
Whats New in Microsoft Teams Calling November 2021
Whats New in Microsoft Teams Calling November 2021Whats New in Microsoft Teams Calling November 2021
Whats New in Microsoft Teams Calling November 2021David J Rosenthal
 
Whats New in Microsoft Teams Hybrid Meetings November 2021
Whats New in Microsoft Teams Hybrid Meetings November 2021Whats New in Microsoft Teams Hybrid Meetings November 2021
Whats New in Microsoft Teams Hybrid Meetings November 2021David J Rosenthal
 
Viva Connections from Microsoft
Viva Connections from MicrosoftViva Connections from Microsoft
Viva Connections from MicrosoftDavid J Rosenthal
 
Protect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainProtect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainDavid J Rosenthal
 
A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365David J Rosenthal
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftDavid J Rosenthal
 
Microsoft Windows Server 2022 Overview
Microsoft Windows Server 2022 OverviewMicrosoft Windows Server 2022 Overview
Microsoft Windows Server 2022 OverviewDavid J Rosenthal
 
Windows365 Hybrid Windows for a Hybrid World
Windows365 Hybrid Windows for a Hybrid WorldWindows365 Hybrid Windows for a Hybrid World
Windows365 Hybrid Windows for a Hybrid WorldDavid J Rosenthal
 
Windows 11 for the Enterprise
Windows 11 for the EnterpriseWindows 11 for the Enterprise
Windows 11 for the EnterpriseDavid J Rosenthal
 
Microsoft Scheduler for M365 - Personal Digital Assistant
Microsoft Scheduler for M365 - Personal Digital AssistantMicrosoft Scheduler for M365 - Personal Digital Assistant
Microsoft Scheduler for M365 - Personal Digital AssistantDavid J Rosenthal
 
What is New in Teams Meetings and Meeting Rooms July 2021
What is New in Teams Meetings and Meeting Rooms July 2021What is New in Teams Meetings and Meeting Rooms July 2021
What is New in Teams Meetings and Meeting Rooms July 2021David J Rosenthal
 
Modernize Java Apps on Microsoft Azure
Modernize Java Apps on Microsoft AzureModernize Java Apps on Microsoft Azure
Modernize Java Apps on Microsoft AzureDavid J Rosenthal
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelDavid J Rosenthal
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active DirectoryDavid J Rosenthal
 

Plus de David J Rosenthal (20)

Microsoft Teams Phone - Calling Made Simple
Microsoft Teams Phone - Calling Made SimpleMicrosoft Teams Phone - Calling Made Simple
Microsoft Teams Phone - Calling Made Simple
 
Whats New in Microsoft Teams Calling November 2021
Whats New in Microsoft Teams Calling November 2021Whats New in Microsoft Teams Calling November 2021
Whats New in Microsoft Teams Calling November 2021
 
Whats New in Microsoft Teams Hybrid Meetings November 2021
Whats New in Microsoft Teams Hybrid Meetings November 2021Whats New in Microsoft Teams Hybrid Meetings November 2021
Whats New in Microsoft Teams Hybrid Meetings November 2021
 
Viva Connections from Microsoft
Viva Connections from MicrosoftViva Connections from Microsoft
Viva Connections from Microsoft
 
Protect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chainProtect your hybrid workforce across the attack chain
Protect your hybrid workforce across the attack chain
 
Microsoft Viva Introduction
Microsoft Viva IntroductionMicrosoft Viva Introduction
Microsoft Viva Introduction
 
Microsoft Viva Learning
Microsoft Viva LearningMicrosoft Viva Learning
Microsoft Viva Learning
 
Microsoft Viva Topics
Microsoft Viva TopicsMicrosoft Viva Topics
Microsoft Viva Topics
 
A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365A Secure Journey to Cloud with Microsoft 365
A Secure Journey to Cloud with Microsoft 365
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from Microsoft
 
Microsoft Windows Server 2022 Overview
Microsoft Windows Server 2022 OverviewMicrosoft Windows Server 2022 Overview
Microsoft Windows Server 2022 Overview
 
Windows365 Hybrid Windows for a Hybrid World
Windows365 Hybrid Windows for a Hybrid WorldWindows365 Hybrid Windows for a Hybrid World
Windows365 Hybrid Windows for a Hybrid World
 
Windows 11 for the Enterprise
Windows 11 for the EnterpriseWindows 11 for the Enterprise
Windows 11 for the Enterprise
 
Microsoft Scheduler for M365 - Personal Digital Assistant
Microsoft Scheduler for M365 - Personal Digital AssistantMicrosoft Scheduler for M365 - Personal Digital Assistant
Microsoft Scheduler for M365 - Personal Digital Assistant
 
What is New in Teams Meetings and Meeting Rooms July 2021
What is New in Teams Meetings and Meeting Rooms July 2021What is New in Teams Meetings and Meeting Rooms July 2021
What is New in Teams Meetings and Meeting Rooms July 2021
 
Modernize Java Apps on Microsoft Azure
Modernize Java Apps on Microsoft AzureModernize Java Apps on Microsoft Azure
Modernize Java Apps on Microsoft Azure
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active Directory
 
Nintex Worflow Overview
Nintex Worflow OverviewNintex Worflow Overview
Nintex Worflow Overview
 
Microsoft Power BI Overview
Microsoft Power BI OverviewMicrosoft Power BI Overview
Microsoft Power BI Overview
 

Dernier

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 

Dernier (20)

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 

Classifying Data to Help Secure Business Information - Template fromMicrosoft

  • 1. Work Smart by Microsoft IT Classifying and Protecting Your Business Information Customization note: This document is based on the experience of Microsoft IT and contains guidance and/or step-by-step instructions that can be reused, customized, or deleted entirely if they do not apply to your organization’s environment or installation scenarios. All forms of information, including ideas and concepts, have potential business value. Whether you are exchanging emails, sharing documents, or having a phone conversation, it is your responsibility to help protect your company’s confidential information. The greater the information’s value, the more security controls you should put in place to protect it. This guide provides an overview on how to properly classify business information and data according to the potential impact of unintentional disclosure: High, Moderate, and Low Business Impact. It also introduces some solutions that are available to help protect your information before you transmit, share, store, or dispose of it. Topics in this guide include: Classifying your information Protecting your information Classification and data dissemination guidelines Recommended security practices For more information
  • 2. 2 | Classifying and Protecting Your Business Information Classifying your information Information can be classified into three areas, according to the potential impact of its unintentional disclosure: High Business Impact (HBI), Moderate Business Impact (MBI), and Low Business Impact (LBI). Table 1. Information classifications HBI HBI applies to any information including emails, documents, messages and phone conversations that, if disclosed without authorization, could result in immediate, direct or considerable impact to the company, the information owner and customers. HBI information should only be shared with those on a “need-to-know” basis. HBI includes Highly Sensitive Personally Identifiable Information (HSPII). MBI MBI applies to information that, if disclosed, could cause indirect, limited impact the company, the asset’s owner and valued customers. MBI information should only be accessible to those people who have a legitimate business need to view the information. MBI includes Personally Identifiable Information (PII). LBI LBI classification applies to information assets that, if disclosed without authorization, could cause limited, or no material loss to the company, the asset owner, or relying parties. Important: The guidance provided in this document is for example purposes and every organization is unique. In the following sections, please be aware that your company’s HBI, MBI, and LBI information and data could require more or less restrictive classification levels. Classification of some common information types Below is table of guidelines that might be helpful in determining a type of data's classification level. Table 2. Guidelines to help determine data classification level Data includes the following info: HBI MBI LBI Email Address X Social Security Number X Documents regarding process or procedure X Private cryptographic keys X Username and Passwords X Publicly accessible information X Company trade secrets X Financial information related to revenue generation X List of Phone Numbers X Employee Zip Codes X Numeric ID sequences / PINs X
  • 3. 3 | Classifying and Protecting Your Business Information Tips:  Use the more restrictive classification if data falls into more than one classification level or if you are unsure of its classification.  Treat information as HBI if it does not have a classification, but is marked “confidential.” Important Notes:  It is your responsibility to understand the business value of your information and to apply the correct classification and protection.  Remove HBI or MBI information from your computer before retiring it or sending it offsite for repairs.  Remember to check your company policies as their classification levels may vary from the examples provided in the table above. Protecting your information Now that you know how to classify your information, you will learn what tools are available to ensure that your data is protected when it is sent, shared, stored, backed up, or deleted. This guide provides an overview of four technologies that can be used to help protect information.  Information Rights Management. An Office feature of Rights Management Services (RMS), IRM enables you to apply specific access permissions to documents, workbooks, and presentations to prevent unauthorized forwarding, printing, or copying; and to set expiration dates after which files no longer are available. More information about IRM is available at http://technet.microsoft.com/en-us/library/cc179103.aspx.  Secure/Multipurpose Internet Mail Extensions (S/MIME). With S/MIME you can encrypt and/or digitally sign your email messages. Encrypting your messages converts data with a cipher text so that only people who you specify can read it. Digitally signing an email message helps ensure that no tampering occurs while your message and its attachments are in transit. More information about S/MIME is included in the Message Encryption and Filtering topic at http://technet.microsoft.com/en- us/library/jj891023.aspx.  BitLocker Drive Encryption. BitLocker Drive Encryption is a data protection feature available in Windows Vista, Windows 7, and Windows 8. BitLocker encrypts the hard drives on your computer to provide enhanced protection against data theft or exposure on computers and removable drives that are lost, stolen, or decommissioned. More information about BitLocker is available at http://technet.microsoft.com/en- us/library/hh831713.aspx. BitLocker To Go provides drive encryption to prevent unauthorized access on your portable storage drives. This includes the encryption of USB flash drives, SD cards, external hard disk drives, and other removable drives formatted by using the NTFS, FAT, or exFAT file systems.
  • 4. 4 | Classifying and Protecting Your Business Information  Encrypted File System (EFS). If your computer is not BitLocker compatible, you can use Encrypted File System (EFS) to encrypt specific files and folders by using a certificate. EFS requires that users with whom you share information enter the appropriate decryption key before they can access the encrypted content. More information about EFS is available at http://windows.microsoft.com/en- us/windows/what-is-encrypting-file-system#1TC=windows-7. The following table provide some guidelines about which technology you should use to protect the HBI or MBI information that you transmit, share, or store on your computer: Table 3. Preferred technology used to transmit, share, and store business information IRM S/MIME EFS BitLocker Transmit with internal email Preferred Acceptable N/A N/A Transmit with external email Works only with other federated RMS organizations Preferred N/A N/A Share using SharePoint Online Preferred N/A N/A N/A Storing on computer Acceptable with BitLocker N/A Acceptable with BitLocker Required Storing on removable media Acceptable N/A Acceptable Preferred Notes:  Information about applying Information Rights Management to a list or library is available at http://office.microsoft.com/en-us/sharepoint-server-help/apply-information-rights- management-to-a-list-or-library-HA010154148.aspx  More information about Information Rights Management is available in “What’s New with Information Rights Management in SharePoint and SharePoint Online?” at http://blogs.office.com/2012/11/09/whats-new-with-information-rights-management-in- sharepoint-and-sharepoint-online/
  • 5. 5 | Classifying and Protecting Your Business Information Classification and data dissemination guidelines The following table provides some classification-level guidelines for sending, sharing, storing, backing up, and disposing of business information. Table 4. Guidelines for sending, sharing, storing, backing up, and disposing of business information Action HBI MBI LBI Send data (via file transfer or email)  Requires asset owner approval to forward, export, or copy.  Requires encryption for internal and external delivery.  Requires encryption with S/MIME or IRM for email.  Requires encryption for transfer outside of organization.  Requires encryption with S/MIME for email sent outside the corporate network. No special requirements. Share (via O365 SharePoint Online)  Use IRM to restrict forwarding, copying, and printing.  Restrict permissions to those identified by asset owner.  Requires formal agreement, which legal approves, for third parties, such as business partners.  Restricts permissions to those with legitimate business needs only.  Requires formal agreement, which legal approves, for third parties, such as business partners. No special requirements. Store (server, PC, CD, USB)  Requires encryption (BitLocker).  Allows storage on handheld devices only if device supports strong encryption and authentication security controls.  May require encryption (as determined by the asset owner). No special requirements. Back up  Performed only by authorized personnel and stored only at a location approved by IT Security.  Encrypt storage media.  Store in a physically secure location in which backups are logged and access is controlled and monitored. No special requirements. Dispose of  Cross-shred or incinerate paper documents.  Destroy tapes and other magnetic media. Request that hard disk drives be destroyed.  Follow your organization policies for the appropriate disposal of retired hardware and media.  Cross-shred or incinerate paper documents.  Destroy tapes and other magnetic media.  Remove data on hard disks that you plan to reuse or retire.  Destroy inoperable hard disk drives. No special requirements.
  • 6. 6 | Classifying and Protecting Your Business Information Recommended security practices Use the Microsoft Office System Document Inspector If you plan to share an electronic copy of a Microsoft Office Word document with clients or colleagues, it is a good idea to review the document for hidden data or personal information that might be stored in the document itself or in the document properties (metadata). Document Inspector is a built-in tool that can be used to scan your data before sharing it with others. For more information on how to use Document Inspector, see Remove hidden data and personal information by inspecting documents at http://office.microsoft.com/en-us/word- help/remove-hidden-data-and-personal-information-by-inspecting-documents- HA010354329.aspx. Guard confidential information Do not discuss confidential information in public places. Beware of multiple network connections Never concurrently connect your computer to your corporate network and the Internet, or any other network that your company does not manage. This compromises your company's network security. Review list of group recipients Think globally before posting any content. Before you send or reply to email, post to Yammer, One Drive, or any another social website, or post data to SharePoint, make sure that the information is appropriate for disclosure to everyone who has access to the email or website. Use Outlook Web Access Use Outlook Web Access (OWA) to check your email from your home computer. Be careful if you access corporate resources by using kiosks and other public locations, even though OWA, as key strokes may be monitored if the public network does not have the correct configuration. Do not leave documents or presentations unattended Remove all documents after meetings, and erase whiteboards. Beware of posting on walls or bulletin boards If your document is HBI, do not post it in hallways or on bulletin boards.
  • 7. 7 | Classifying and Protecting Your Business Information For more information This guide provides foundational knowledge to help you make better decisions about securing your data. Other guides are available to teach you how to help protect your information. Visit the Modern IT Experience featuring IT Showcase at http://microsoft.com/microsoft-IT and search for the following Work Smart titles:  Securing your business information  Secure collaboration using SharePoint Online  Securing your computer  Protecting data with Windows 8 BitLocker The following content may be of interest to you as well:  Introduction to IRM for email messages http://office.microsoft.com/en-us/outlook-help/introduction-to-irm-for-email- messages-HA102749366.aspx  Video: Getting Started with Encrypting File System in Windows 7 http://technet.microsoft.com/en-us/windows/how-do-i-get-started-with-the- encrypting-file-system-in-windows-7.aspx  International Data Protection Standards http://download.microsoft.com/download/B/8/2/B8282D75-433C-4B7E-B0A0- FFA413E20060/international_privacy_standards.pdf  Work Smart by Microsoft IT http://aka.ms/customerworksmart This guide is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT. © 2014 Microsoft Corporation. All rights reserved.