Monday, October 4, 2010

Fundamentals of Data Classification

Welcome.


Before we begin, let's figure out why you're here - maybe you're a bank, and have recently been told your security is a bit "sub-par"; maybe you're doing a research project for your Computer Science class; or maybe you're simply trying to keep the kids from seeing your "personal" files. Whatever the case may be, this is your resource for all things data classification. While this guide focuses mainly on the Microsoft Windows environment, the concepts and ideas presented are applicable to just about any system on the market.


First off, what is the meaning of data classification? Data classification is the concept of securing data in a computer network based on a layered security model. Too many big words? OK, then consider this real-world example:


Real-World Example: A certain company has three levels of security. The general public is allowed into their main lobby. Employees are allowed into the area marked "Employees Only", but the general public is locked out. Inside that employee-only area is a room with confidential information, accessible only by administrative staff with a key card.


Now, apply this example to a computer network. Most small businesses have a single network share, where all users dump their documents regardless of what they are. For some that works, but for many it's a big "no-no"! Let's say you're a bank, and you have public records which should be made available to all employees, confidential information available only to specific departments, and restricted documents available only to the President and CFO of the bank. If your bank has a single Shared folder, and all these documents are located somewhere within, there isn't a whole lot of security going on in your network (not to mention you may have some difficulty passing your federal audits).


So, what is the solution to this "free-for-all network share"? Well, Data Classification!
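To make the bank scenario concrete, here is an added example (not part of the original post): a small audit that compares each document's classification tier with the groups that can read the folder it sits in, and reports any document exposed to too wide an audience. The tier names follow the scenario above; the group names, paths, share layouts and the simplified inheritance rule are assumptions made for illustration.

```python
from pathlib import PureWindowsPath

# Groups allowed to read each tier. Tiers follow the bank scenario;
# the group names are assumptions made for this example.
ALLOWED = {
    "public": {"Employees", "Loans", "Executives"},
    "confidential": {"Loans", "Executives"},
    "restricted": {"Executives"},
}

def effective_readers(path, folder_acls):
    """Readers of the nearest ancestor folder that has its own entry.

    Simplified inheritance model: a folder without an entry inherits from
    its parent. Windows paths compare case-insensitively.
    """
    acls = {PureWindowsPath(k): v for k, v in folder_acls.items()}
    for parent in PureWindowsPath(path).parents:
        if parent in acls:
            return acls[parent]
    return set()

def audit(documents, folder_acls):
    """Return (path, tier, extra_groups) for every overexposed document."""
    findings = []
    for path, tier in documents.items():
        # An unknown tier allows nobody, so unlabelled files are always flagged.
        extra = effective_readers(path, folder_acls) - ALLOWED.get(tier, set())
        if extra:
            findings.append((path, tier, sorted(extra)))
    return sorted(findings)

# Constructed sample data: three documents and two ways to lay out the share.
DOCS = {
    r"S:\Shared\holiday-schedule.docx": "public",
    r"S:\Shared\Loans\applicant-list.xlsx": "confidential",
    r"S:\Shared\Board\merger-plan.docx": "restricted",
}
FLAT_SHARE = {r"S:\Shared": {"Employees"}}
TIERED_SHARE = {
    r"S:\Shared": {"Employees"},
    r"s:\shared\loans": {"Loans", "Executives"},
    r"S:\Shared\Board": {"Executives"},
}

if __name__ == "__main__":
    for name, share in (("flat", FLAT_SHARE), ("tiered", TIERED_SHARE)):
        print(name, audit(DOCS, share))
```

With the single flat share, the confidential and restricted documents are both reported as readable by every employee; with one folder per tier, the audit comes back empty.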