Information Classification:



Similar documents
Setting Up Outlook on Workstation to Capture s

TITUS Data Security for Cloud Identify and Control Sensitive Data Sent to the Cloud

RSA Data Loss Prevention (DLP) Understand business risk and mitigate it effectively

User Driven Security. 5 Critical Reasons Why It's Needed for DLP. TITUS White Paper

Compliance and Security Solutions

Background. Liwei Ren. Trend Micro

Message Classification user guide

Export the address book from the Blackberry handheld to MS Outlook 2003, using the synchronize utility in Blackberry Desktop Manager.

Whitepaper. Identifying, Classifying, and Protecting Personally Identifiable Information in Google Drive (Docs) Introduction.

BEING MOBILE WITH WINDOWS 8.1

IBM Unstructured Data Identification & Management An on ramp to reducing information costs and risk

Implementing Active Directory Rights Management Services with Exchange and SharePoint

Data Protection McAfee s Endpoint and Network Data Loss Prevention

Data Classification Technical Assessment

Symantec Enterprise Vault for Microsoft Exchange

WHITEPAPER. Nessus Exploit Integration

RightsWATCH. Data-centric Security.

How to install and use the File Sharing Outlook Plugin

Symantec Enterprise Vault for Microsoft Exchange

To successfully initialize Microsoft Outlook (Outlook) the first time, settings need to be verified.

E-Notebook SQL13.0 Desktop Migration and Upgrade Guide

Installing and Configuring Microsoft Dynamics Outlook Plugin to Use with ipipeline MS CRM

S A G E P A S T E L P A R T N E R V E R S I O N 1 2 V e r s i o n T r a i n i n g M a n u a l L e s s o n 6

External Authentication with Windows 2012 R2 Server with Remote Desktop Web Gateway Authenticating Users Using SecurAccess Server by SecurEnvoy

User Guide: Introduction to AWS-SAL

Symantec DLP Overview. Jonathan Jesse ITS Partners

Livelink ECM edocs Suite Roadmap

Exporting from FirstClass

Egress Switch Reader. User Guide 2.3

Setting up Microsoft Office 365

User Guide Microsoft Exchange Remote Test Instructions

DataCove. Installation Instructions for Search Plug-in for Microsoft Outlook 2007 & 2010 (All Users)

Data Sheet: Archiving Symantec Enterprise Vault Store, Manage, and Discover Critical Business Information

HP Records Manager. Release Notes. Software Version: 8.1. Document Release Date: June 2014

Veritas Enterprise Vault for Microsoft Exchange Server

How To Set Up A Load Balancer With Windows 2010 Outlook 2010 On A Server With A Webmux On A Windows Vista V (Windows V2) On A Network With A Server (Windows) On

Ekran System List of Frequently Asked Questions

Titus and Cisco IronPort Integration Guide Improving Outbound and Inbound Security. Titus White Paper

Overview of Active Directory Rights Management Services with Windows Server 2008 R2

EV Feature Briefing

The Future of Census Bureau Operations

Introduction to Business Process

Citrix and Windows Servers

White Paper. Managing Risk to Sensitive Data with SecureSphere

Hosted Microsoft Exchange Client Setup & Guide Book

System requirements for ICS Skills ATS

A Buyer's Guide to Data Loss Protection Solutions

harmon.ie Delivers the Business Value of Office 365 Migrations

Least Privilege in the Data Center

10 Building Blocks for Securing File Data

HP TeamSite Developer - Training Agenda

1. Has your command deployed an Enterprise Content Management (ECM) application? Yes, but we do not have TRIM deployed in ECM mode.

Top Four Considerations for Securing Microsoft SharePoint

Securing Microsoft Exchange 2010 With VeriSign Authentication Services

DFS Configuration and Best Practices Nasuni Corporation Natick, MA

The biggest challenges of Life Sciences companies today. Comply or Perish: Maintaining 21 CFR Part 11 Compliance

Hosted Microsoft Exchange Client Setup & Guide Book

Symantec Enterprise Vault for Microsoft Exchange Server

Lessons from the field: Implementing Information Governance and Records Management with Microsoft SharePoint

Securing Microsoft Exchange 2010 with Symantec SSL Certificates

Whitepaper. Advanced Threat Hunting with Carbon Black

Data Loss Prevention Program

Analyzing Network Servers. Disk Space Utilization Analysis. DiskBoss - Data Management Solution

Cloud Services. Anti-Spam. Admin Guide

HGC SUPERHUB HOSTED EXCHANGE

What does Management Mean to You?

GroupWise to PST Migrator

How To Handle A Threat From A Corporate Computer System

This guide provides all of the information necessary to connect to MoFo resources from outside of the office

Release Notes for Cisco IronPort Security Plug-in 7.3.1

EMC APPLICATIONXTENDER 8.0 Real-Time Document Management

Autodesk Navisworks 2015 Service Pack 3

INTEGRATION GUIDE. DIGIPASS Authentication for VMware Horizon Workspace

Hosted Microsoft Exchange 2013 Service. Getting Started Guide

Active Directory Infrastructure Design Document

Agenda SAP AG or an SAP affiliate company. All rights reserved. 2

Installing Communicator on Citrix XenApp and Windows Servers

Installing and Configuring Windows Server Module Overview 14/05/2013. Lesson 1: Planning Windows Server 2008 Installation.

Thirtyseven4 Endpoint Security (EPS) Upgrading Instructions

RSA Solution Brief RSA. Data Loss. Uncover your risk, establish control. RSA. Key Manager. RSA Solution Brief

Transcription:

Information Classification: First Step to Effective Information Security" Sylvia C. Diaz, MS, MBA, CIPP/US! Associate Director, Information Governance" Biogen Idec"

A little bit about me" Sylvia C. Diaz, MS, MBA, CIPP/US Associate Director, Information Governance " " Vast experience in information governance in the Pharmaceutical and Biotech industries. " " Currently at Biogen Idec I am providing oversight for the transformation of the Information Governance function by evolving information management practices, implementing information classification and developing an enterprise content and information governance strategy. sylvia.diaz@biogenidec.com 2"

Who Is Biogen Idec?" FOUNDED IN! 1978! LEADERS IN MS RESEARCH! ONE OF THE WORLD S LEADING BIOTECHNOLOGY COMPANIES! HEADQUARTED IN CAMBRIDGE MA! 3"

Agenda" Our Information Classification initiative" A proactive approach to understanding our data" The journey to identify, classify and secure sensitive information" Lessons learned" " 4"

Top Reasons for Information Classification" User engagement and raise awareness that information has value" Security awareness and proper handling" Information protection and data loss prevention" Compliance with laws and regulations" 5"

Information Classification Initiative - Why?" Information Classification is foundational to protecting our information assets" 6"

Our Classification Journey Classification Schema! Developed Information Classification Schema*" Business Objectives" Confidentiality" Integrity" Availability" Impact" Scale" Low" Moderate" High" Implementation" Policy" Process" Automation" *Source: Gartner (December 2011)" Public" Internal " Secret" Keep it simple" No more than 3 4 levels" Provide examples " 7"

Our Classification Journey The Policy! Developed Information Classification Policy! It is short" Handling guidelines" Non-prescriptive" No reference to technology, departments & data types " Establish responsibilities:" Employee (creator, receiver and user of the information)" Departments" Management" 8"

Our Classification Journey The Tool! Email Files Documents Collaboration Platforms Policy does not work alone" Can t rely on users to classify manually" Maintain current business process" Easy to configure and deploy" High impact, low effort" Reach different platforms" Classify multitude of file formats" 9"

Our Classification Journey The Tool" Data Classification Across the Enterprise" Message Classification for Microsoft Outlook! Classification for Microsoft Office! Classification for Desktop! Message Classification for Microsoft OWA! 10"

Our Classification Journey The Tool" Go for Flexibility!" PUBLIC INTERNAL CONFIDENTIAL Metadata One click classification! Easy to configure and deploy! Maintain current business processes! Based on user roles, departments, etc.! Apply flexibility in policy creation! Persistent metadata! Bulk classification! Interface with DLP tools! 11"

Our Outcome" Cultivate an information protection culture" Prompt users to stop, think and identify" Instill the business value of information" PII PCI FINANCIAL IP EXPORT Confidently share sensitive information Enhance data loss prevention (DLP)" Implement data governance policies" 12"

Lessons Learned" Communication and training are key!" Engage employees and management. " Classification policy needs to be in place." Emphasize the Why behind the policy." Keep classification schema simple. " Flexible tool." 13"

Questions" Thank You!" 14"

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information