Skip to Main Content
Classifying data according to its permissible use, appropriate handling, and business value is critical for data privacy and security protection. This is essential for compliance with the constantly evolving regulatory landscape concerning protected data. Problems arise when users compromise data privacy and security by overlooking the critical need to manage data according to these requirements. This paper considers the creation and application of data classification systems for security and privacy purposes. It focuses primarily on classifying information in a meaningful way through the use of a partially automated methodology that normalizes and classifies structured data throughout an enterprise. We introduce the three pillars of the data-centric security model, which are based on the data-centric security classification offering by IBM Global Business Services (GBS) and the IBM Research Division. In particular, we describe the data classification pillar of the data-centric security architecture, which provides the framework and method for partially automated classification of data to meet the demands of compliance standards.
Note: The Institute of Electrical and Electronics Engineers, Incorporated is distributing this Article with permission of the International Business Machines Corporation (IBM) who is the exclusive owner. The recipient of this Article may not assign, sublicense, lease, rent or otherwise transfer, reproduce, prepare derivative works, publicly display or perform, or distribute the Article.
Date of Publication: March 2009