// THREAT DETECTION AND DATA PRIVACY TERM
Data Classification
Data classification is the process of organizing data into categories based on its sensitivity, value, and criticality to an organization. This allows for appropriate security controls to be applied, ensuring that only authorized personnel can access sensitive information.
TECHNICAL DEFINITION
Data classification is a fundamental information security process involving the categorization of data assets (e.g., documents, files, databases) according to predefined sensitivity levels, such as Public, Internal, Confidential, and Restricted. This process, governed by security policies, enables the application of appropriate access controls, encryption, and handling procedures to mitigate risks of unauthorized disclosure, alteration, or destruction, particularly for Controlled Unclassified Information (CUI), PII, and national security intelligence.
BACKGROUND
The Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) is a guideline for classifying and describing cyberattacks and intrusions. It was created by the Mitre Corporation and released in 2013.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- information classification
- data categorization
- security labeling
- information labeling
- sensitivity labeling
- data tagging
USAGE NOTE
Classification levels are foundational for implementing access control models like Mandatory Access Control (MAC) and data loss prevention (DLP) systems.
DEVELOPERS
Organizations developing technology related to Data Classification.
Microsoft's comprehensive suite of solutions for information governance, risk management, and compliance. Its Information Protection capabilities allow organizations to discover, classify, label, and protect sensitive data across on-premises, cloud, and hybrid environments.
A data security platform that specializes in protecting data from the inside out. Varonis automatically discovers and classifies sensitive and regulated data, manages permissions, and detects threats by analyzing user behavior and data activity.
A leading provider of data classification solutions that help organizations identify and protect their sensitive data. Titus enables automated, system-suggested, and user-driven classification to enforce data security policies and prevent data loss.
A cybersecurity company offering Data Loss Prevention (DLP) and cloud security solutions. Forcepoint's technology uses advanced classification techniques, including fingerprinting and OCR, to identify and protect critical data across web, cloud, email, and private apps.
Symantec's Data Loss Prevention (DLP) solution provides comprehensive discovery, monitoring, and protection of sensitive data. It uses a range of advanced data classification and detection technologies to find sensitive information wherever it is stored or used.
Specializes in people-centric cybersecurity. Their Information Protection and Cloud Security platform includes advanced data classification to identify sensitive content in email and cloud applications, preventing data loss and ensuring regulatory compliance.
Provides a data classification platform that helps organizations identify sensitive, regulated, and mission-critical information across their IT infrastructure. The solution helps minimize data exposure, prove compliance, and improve data security.
A specialist in data classification and secure messaging software. Boldon James helps organizations manage and control data by involving users in the classification process, improving data governance and security effectiveness.