troubleshooting Question

sample Data Classification documents

Avatar of sunhux
sunhux asked on
SecurityOS Security* Data Security
8 Comments2 Solutions139 ViewsLast Modified:
I'm writing a doc on Data Classifications (taking local regulatory/practices into context with
international practices such as GDPR as optional).  Data we have in mind are:

a) our customers particulars (which includes their NRIC# ie equiv of Social Security # in the
    US, their mobile/tel# and addresses : guess all these are PII)

b) bank account numbers of the customers (for payments)

c) the transactions including historical transaction details (customers sea-port clearances
    as well as the volume & types of goods they go through our sea-port)

d) IP addresses of customers who connect to us, internal IP addresses/hostnames of our
    servers

So for each data class, need to identify if
1. they must be hosted within our country if we use cloud (& if this is IaaS, SaaS, PaaS)
2. backup of the data must be encrypted
3. data at rest/in-transit must be encrypted
4. to be classified as Restricted, Confidential, Secret, or any other categories
5. which category to be detected by DLP & which category to be blocked by DLP
6. any other actions for each of the data categories

If there are such sample docs out there, care to point me to them?
ASKER CERTIFIED SOLUTION
btanExec Consultant
Join our community to see this answer!
Unlock 2 Answers and 8 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 8 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros