Tip

Overlooking declassification



Most security environments have classification schemes that are used to define and determine the sensitivity of the resources contained within. These classification schemes usually define elaborate classification procedures, criteria and security mechanisms. However, one aspect that is overlooked far too often is that of declassification.

Declassification is the means by which out of date, obsolete or marginalized data is moved from a higher classification level to a lower one. Declassification is an important part of any classification scheme for several reasons. If all resources remain at their initially assigned classification level forever, then the value of each classification scheme is reduced. This devaluation occurs as resources age or the reality they represent changes so that those resources no longer warrant the higher level of protection offered by the higher classification schemes.

The security provided at the higher classification levels is also more costly than the security offered at lower classification levels. If resources are not declassified when they no longer need the higher grade of protection, then the organization is wasting money providing high levels of protection when it is not needed. By declassifying data as needed, each classification level retains its value and the security each level provides is the most cost effective possible.

A clearly defined declassification process should be outlined and included in

    Requires Free Membership to View

the security documentation that outlines the classification structure. The declassification process should define when data is re-evaluated for a classification change, who has authority to recommend a classification change, the checks and balances procedures for validating that a resource should be re-classified, and the actual steps by which the label on a resource is changed and that resource is moved from one classification environment to another.

About the author
James Michael Stewart is a partner and researcher for ITinfopros, a technology-focused writing and training organization.


This was first published in January 2003

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.