Beneficial Intelligence

Securing Your Data

October 30, 2020 Sten Vesterli Season 1 Episode 18
Beneficial Intelligence
Securing Your Data
Chapters
Beneficial Intelligence
Securing Your Data
Oct 30, 2020 Season 1 Episode 18
Sten Vesterli

In this episode of Beneficial Intelligence, I discuss classifying and securing your data.

Military forces have always needed to keep secrets, and they have hundreds of years of experience. You can learn from them. 

They use different classifications for different information, from UNCLASSIFIED over RESTRICTED to CONFIDENTIAL, SECRET, and TOP SECRET. That allows the organization to implement simple rules for handling and allowing access to information. 

Most organizations haven't changed their security policies since the only security you had was to lock important papers in a filing cabinet. You also need a security classification, and you need the business owner for each system to determine what the most sensitive information in each system is. When you have that information, ask the technical person responsible for the system for the security plan. You don't want to examine the details, but you want to make sure that more sensitive information is better protected. 

If you have a security classification, you can prioritize your resources and provide the highest protection to the stuff that matters most. 

------
Beneficial Intelligence is a weekly podcast with stories and pragmatic advice for CIOs and other IT leaders. To get in touch, please contact me at [email protected]

Show Notes

In this episode of Beneficial Intelligence, I discuss classifying and securing your data.

Military forces have always needed to keep secrets, and they have hundreds of years of experience. You can learn from them. 

They use different classifications for different information, from UNCLASSIFIED over RESTRICTED to CONFIDENTIAL, SECRET, and TOP SECRET. That allows the organization to implement simple rules for handling and allowing access to information. 

Most organizations haven't changed their security policies since the only security you had was to lock important papers in a filing cabinet. You also need a security classification, and you need the business owner for each system to determine what the most sensitive information in each system is. When you have that information, ask the technical person responsible for the system for the security plan. You don't want to examine the details, but you want to make sure that more sensitive information is better protected. 

If you have a security classification, you can prioritize your resources and provide the highest protection to the stuff that matters most. 

------
Beneficial Intelligence is a weekly podcast with stories and pragmatic advice for CIOs and other IT leaders. To get in touch, please contact me at [email protected]