Get startedGet started for free

Data classification and tagging

1. Data classification and tagging

The last thing anybody wants to learn is that their personal information has been leaked or stolen. In your cloud security career, you or your team will be responsible for keeping sensitive personal information away from attackers. In this video, you'll learn about data classification, tags, and how categorizing data helps keep assets secure. Data classification is the process of analyzing data to determine its sensitivity and value. Data classification enables organizations to categorize their data, which helps security analysts efficiently find and secure assets. Organizations use sensitivity levels, data type, and value as metrics to organize the data. Let’s explore the different sensitivity levels of data: low, medium, and high. Lower sensitivity levels represent less of a risk for organizations. This makes low sensitivity data less valuable. For example, imagine you create an open-access, public blog that has lots of readers! Publishing a blog for the public to read is an example of sharing public information. And public information is the least sensitive type of data you can have. Medium sensitivity level data is more sensitive, and should be inaccessible to the public. Here’s an example. At a marketing company, an associate sends an internal memo with a little information about the company, along with meeting notes on an advertising plan outline. There’s no personal information, like social security numbers or medical documentation, and there are no company secrets. But, the information is still sensitive, and should not be shared with the public. High sensitivity data includes information like personal financial data, legal documentation, and company secrets. High sensitivity data is very valuable to organizations. For example, a database with all employees’ personal and employment data is highly sensitive. If an attacker gets that information, the employees’ identities will be in danger. Stolen or leaked sensitive data can lead to major consequences, like fines for violating privacy laws, or damage to the organization’s reputation. Cloud security professionals use tags as a consistent way to document and classify data. Tags are custom metadata fields you can attach to a data entry to provide context to people authorized to access the data. Metadata can include information like who is responsible for the data entry, and whether it contains highly sensitive data like personally identifiable information, or PII. Keep in mind, tags or labels are essential for data protection. They help your security controls find the data that needs to be protected. So, to protect your data, you need both the tags and the security controls. Let’s review an example of a customized PII tag. The information in this tag is presented as a label, followed by two metadata pairs. The first line of code is the label for the tag and it has the letters PII. The next line of code is the first metadata pair; it verifies that the value is true. This means there is personally identifiable information in this asset. The last line of code has the second metadata pair and it identifies the type of PII as a social security number, or SSN. Both of these pairs together, create a field in the tag. This PII tag example has a boolean field, abbreviated BOOL. That means there can only be two possible results, in this case: true or false. The asset with this tag has highly sensitive information, and the tag indicates what type of data it is. The tag classifies this information as high sensitivity, making it easier for security controls to locate. When you make your tags, you can use tag templates, or reusable structures to rapidly create new tags. You can make a template by putting together metadata values in fields. You can then grant or deny access to a template with identity and access management roles, or IAM roles. Now that you know about data classification, and tagging assets to classify and protect them, you can use them to protect data so you can keep the data from being leaked or stolen.

2. Let's practice!

Create Your Free Account

or

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.