Installed the firewall? Check. Set up the VPN? Check. Fired up the anti-malware scanners? Check. So, your data must be secure now? Don't be so sure.
Just because you've locked down your infrastructure security doesn't mean that the data it holds is safe. Firewalls or not, a misguided employee might try to copy a sensitive file to a USB drive or store it on a part of the network where unauthorised employees or third parties might see it. The way to solve that problem is by classifying your data so that you can control what happens to it.
Data classification embeds information about a file directly in the form of metadata. It can tell you whatever important things about a file you choose to encode there, including its sensitivity level, who owned it, and when it was created. Software programs can read that metadata and use it when deciding what to do with a file.
Classifying files digitally this way brings several benefits spanning security and beyond. Using the right document management software, you can set rules to stop people doing certain things with files based on their specification. For example, information rights management (IRM) software can stop you sending particular kinds of file outside the company or require them to be encrypted with a password. It can stop others printing those files. This helps you manage the life cycle of a file based on the information it contains.
This makes a data classification regime great for compliance. If a regulation forces you to keep a file with customer information for seven years and mandates that you delete it afterwards, then classifying your files up front helps you identify what to save. Similarly, running a regular search can easily surface files that are ageing out and need to be scrubbed.
These compliance benefits extend to cover some of the stricter regulations that we've seen recently, such as the General Data Protection Regulation (GDPR). This document, which is still law in the UK even after Brexit, forces a company to hand over all the personal information it keeps about an individual. Moreover, the company has to delete it if the person withdraws their consent to use it.
If you don't index information in unstructured files properly, you could miss some of the data that falls under GDPR when serving those requests. By tagging it with a certain data type or owner, you can conduct faster and more comprehensive searches for sensitive data relating to particular individuals.
So if you want to stop employees copying sensitive files to removable storage and taking it out of the office, classification is key. This approach to data management is about more than just avoiding data breaches and regulatory fines, though. It's about saving money and making things work more smoothly.
By classifying data, you can determine which files your systems should store on slower, cheaper storage and which should be routed through to fast but expensive solid-state disks where each megabyte of capacity is valuable. Some data can be archived quickly, and by classifying it you can select what's important up front, running regular scans to see what data can be moved to the archives.
You can classify data in two ways. The first is at the point of creation, when an employee produces a file. The second is by using data discovery tools that will enable you to bulk classify the existing files in your network, helping you to make those more secure too.
With data volumes growing at an alarming rate, and with unstructured data in the form of documents, phone recordings, and photographs exploding on business networks, classification might just save your bacon during the coming datapocalypse. Why not use it now to get more acquainted with your files?