A new UK government security classification policy comes into force today, describing how the government classifies information assets to ensure they are appropriately protected. The policy applies to all information that government collects, stores, processes, generates or shares.

The new scheme is part of the Cabinet Office’s ongoing efforts to improve data security across all government and public sector organisations, which are required to classify or protectively mark all of its information assets.

With the amount of data, both structured and unstructured, being created on a daily basis, understanding the value and importance of that data is increasingly relevant, and it is hoped that the introduction of the government's latest policy will encourage others to follow suit with a layered approach to information security.

Welcoming the introduction of the government's latest security policy, Martin Sugden of Boldon James, said: "Data classification brings many additional benefits over and above compliance. The metadata created by the label can be used to drive archiving, rights management and access control software. Irrespective of the legislation an organisation is subject to, data classification makes good data security sense and is best practice for a layered security approach. We hope to see private organisations take note and follow suit -- without data classification, organisations are flying blind when they allow employees to create and move data and they lose the insight into the value of the data they hold."

Sugden says getting users to label that data as they create it is the best way to ensure appropriate decision making about its storage and which partners, employees or customers should be allowed access to it. "Data classification not only empowers the user to understand the data they create, it also helps them understand the importance and business value of that data and enables the organisation to secure it appropriately," he added.

Share Story: