Friday, January 04, 2008

Follow up to why classification matters (seems that others believe the same):

"It's not just data. You have to classify everything from a risk perspective," said Brian Cleary, vice president of marketing at access governance firm Aveksa. "Once you have those controls in place, the likelihood of losing that data goes down exponentially." Copied from an article about information loss prevention published here:http://www.crn.com/security/205207370

If you don't keep tabs (meta data) on the types of data you have, who has access (and should have access) its sensitivity, and its age, you are running blind.

A natural extension to a DLP implementation and solution is to implement a classification solution, an entitlement solution (helps SOX), and a retention solution.

No comments: