Information Classification and Control

This is a recording of SecureTheVillage’s webinar on August 2nd, 2018, hosted by Stan Stahl, PhD.

Description: Classification and Control of information is at the core of information security. Before one can effectively secure information, one must know it is in need of protection and one must have in place a “structure” for managing who has access to it. This requires that, for every piece of information, someone—the information owner—must know where it is located and have authority to (i) “classify” the information in some “standardized” way and (ii) control access to it.

Classifying Information Needing Protection:

  • PII
  • GLB
  • GDPR
  • The new California Privacy Law
  • An organization’s own sensitive information, including IP, Trade Secrets, etc.

Security Classifications:

  • Public Information
  • Internal Use Only Information
  • Restricted Information

Speaker: Michael Gold, Partner, Jeffer, Mangels, Butler & Mitchell.

Michael is co-chair of the Firm’s Cybersecurity and Privacy Group. Michael counsels clients in a wide variety of matters, including data breach responses and investigations, crisis management, development of computer-based information retention systems, forensic investigations of computer systems, and computer and internet privacy matters. Michael also assists clients in developing and implementing information management and governance best practices and developing policies and compliance structures for protecting personal and company information. 

Slides: Information Classification and Control

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge