Here at HANDD we do lots of work with organisations looking to implement a Data Classification (DC) solution. There are many different resources on this website which condone using DC within your technology stack.

But as we’ve said so many times before, DC does not solve your security issues. It helps drive upstream and downstream technology it doesn’t prevent a breach occurring.

20^th June 2022, we’ve seen another embarrassing breach, this time from a government website, which highlights that point precisely.

The document in question, which set about rulings on technology usage within the country in questions government, was classified as “restricted” and for access within the government departments only. However, found with relevant ease by the online website The Register.

The majorly ironic item for us governs the uploading of internal/restricted/confidential government data!

There’s a bunch of bits of technology which could have helped them here. Data Discovery (DD) in conjunction with the underlying classification policy perhaps being the obvious choice to find the offending server location of the data.

Or perhaps Data Loss Prevention (DLP) to check the classification tags when the document was attempted to be uploaded or downloaded.

The solution could be delivered many ways, but the problem remains the same. Choosing DC is good, making data protection decisions based on it is so so much better!

If you would like to discuss how HANDD can help your organisation with a DC solution or enhance DC policy further with a DLP or DD tool please contact us today at info@handd.co.uk or 08456 434 063.