Inherent in all human application is the potential for human error
The quality of your data security is reliant upon the quality of your classifications.
Automated classification is one way you can drive up the quality of your data classifications. Then, as with other approaches to data classification, this can work hand in hand with your DLP to step in and stop data from being sent where it shouldn’t be, enforcing your company’s data security policies efficiently and seamlessly.
What is automated classification?
Automated classification is where your data classification software prompts or supports users in the successful and accurate classification of their data files.
There are a number of ways automated classification can be used to ensure optimal success in data classification. Automated classification can be;
- Fully Automated
- Suggested
- Prescribed
- User-endorsed
It relies on information such as where data is stored, how it is shared, when it was created, and even content scanning to classify data correctly
Folder-based classification
Automatic classification can add meta tags based on the folder the document is saved to, so your documents from your financial planning folder are automatically tagged with a higher classification level than the Christmas rota.
Storage-based classification
And if you save documents to a particular drive, server or the Cloud, metatags predefined by your policy can be added automatically to help classify your data.
Suggested classification
Suggested classification offers a half-way house between a pure user-based classification approach and an automated classification approach. Suggested classification involves scanning documents to identify topics or themes from which potential classifications can be recommended.
Recommendations can be based on the user, content or the type of document created, offering a faster and potentially more uniform classification process. Classification recommendations can be presented for the user to approve before being attached to the data file, still bringing with them the benefits of increasing the awareness of the value of data.
Prescribed classification
System generated data can also be classified without user input. Policies can be set to ensure that your automatically generated IT logs and end of day sales reports can also be easily retrieved, managed and controlled.
User-endorsed classification
When automated classification, with the time and accuracy benefits that it brings, is really tempting but you still need user confirmation, user-endorsed classification can help to give you peace of mind.
User-endorsed classification will recommend and add data classification tags, but these will only be seen as authoritative when a user approves these classifications, giving you speed, accuracy and confidence.
Automated attachment checking
You’ve classified your emails. And you’ve classified your documents. But, by attaching a sensitive document to an email with broad classification permissions, there’s still the opportunity for sensitive data to escape.
Automated attachment checking can help you to close that opportunity for PII, budgets and other valuable data to sneak out of your control. By scanning a document’s metadata classifications once the user has clicked send, your classification solution can ensure the document’s classifications are compatible with those set in the email, and alert the user to any inconsistencies. Or with the help of your DLP, the attachment can be prevented from being sent at all when the addressee is an unauthorised recipient.
Deployments
We secure the entire journey of your data, from consultancy and technical design, right through to installation, training and support.
Challenge: Controlling data with vast user access
With over 4000 end users, an Insurance industry client came to HANDD for help. They needed to ensure policy details couldn’t be sent to unauthorised external parties by email. Using data classification, we identified and classified new documents containing policy numbers. Then we integrated the classification platform with the client’s Symantec DLP solution, enabling DLP to work more efficiently to ensure sensitive content only travels to cleared recipients.
Challenge: Managing compliance with large volumes of legacy data
With billions of records to sift through and strict compliance mandates, a global bank needed to get control over their legacy data. First, using a discovery tool HANDD helped them identify their sensitive data and discover where it was stored. Then, we labelled their data using Data Classification. This enabled them to apply protective measures efficiently to their most sensitive files for the first time.
Challenge: Ad-hoc application of protective measures
Staff typing SECURE into email subject lines to trigger downstream protection of sensitive data left plenty of scope for error. At this leading financial services organisation classification was inconsistent and ad-hoc. Security of delivery was unreliable. They contacted HANDD for help improving their classification processes. We implemented a Data Classification solution that would automatically classify emails. Integrating with a message gateway it prevents data falling into the wrong hands.
Challenge: Controlling data with vast user access
With over 4000 end users, an Insurance industry client came to HANDD for help. They needed to ensure policy details couldn’t be sent to unauthorised external parties by email. Using data classification, we identified and classified new documents containing policy numbers. Then we integrated the classification platform with the client’s Symantec DLP solution, enabling DLP to work more efficiently to ensure sensitive content only travels to cleared recipients.
Challenge: Managing compliance with large volumes of legacy data
With billions of records to sift through and strict compliance mandates, a global bank needed to get control over their legacy data. First, using a discovery tool HANDD helped them identify their sensitive data and discover where it was stored. Then, we labelled their data using Data Classification. This enabled them to apply protective measures efficiently to their most sensitive files for the first time.
Challenge: Ad-hoc application of protective measures
Staff typing SECURE into email subject lines to trigger downstream protection of sensitive data left plenty of scope for error. At this leading financial services organisation classification was inconsistent and ad-hoc. Security of delivery was unreliable. They contacted HANDD for help improving their classification processes. We implemented a Data Classification solution that would automatically classify emails. Integrating with a message gateway it prevents data falling into the wrong hands.