As of this moment we have the following Data Set security classifications:
Restricted – Data can only be accessed by authorized individuals or processes.
Public – Data is public facing, such as company name etc.
Personal – Data is personal
A customer has requested that we add in further security. At their organization, they use the following security:
Restricted - Restricted data requires strict privacy and security protections. Special authorization may be required for use and collection. Examples - data sets with individual Social Security Numbers (or last four of SSN), credit card transaction or cardholder data, patient health data, financial data, etc.
Sensitive - Data confidentiality required by law, policy, or contractual obligation but requires only internal privacy and security user protections.
Internal - Confidentiality of data is preferred, but information contained in data may be subject to open records disclosure. Examples - email correspondence, budget plans, etc.
Public - Data can be disclosed without restriction. Examples - directories, maps, sales materials, de-identified data sets, etc.
We have plans to make this configurable. We will update this Idea when we can tie this to a release plan.
Syniti team needs to identify how we want to support security classifications:
What is our POV when it comes to classifications out of the box (e.g. support GIAC/SANS standard)?
How customizable should this be for customers? (Highly customizable may create an immense amount of configuration overhead for users.)
Attachments Open full size