Can anyone tell me how a “protective marking scheme” actually works in your organisations?
And also what families of data does it apply to, i.e. just data that has been printed onto a paper copy, or does it also apply to electronic data like email, database records etc.
Out of interest if it applies to electronic email and database records especially, how do you “protectively mark” a database record?
Is it just the PROTECT, CONFIDENTIAL type marking on a document, and then a set of business rules communicated to all employees who handle such information to handle it in a specific way based on the protective label it has been given?
Is it typical some businesses have some types of not so sensitive data that doesn’t have to be protectively marked, and other types of more sensitive data that do need to be protectively marked? Or is it typical the whole business should have some sort of marking scheme for every type of data they process store?
And also how do you configure every IT application you use to print every document with the necessary PROTECT, CONFIDENTIAL type marking, it just doesn’t seem practical to me?
Any pointers most welcome…