SUS04-BP01 Implement a data classification policy
Classify data to understand its criticality to business outcomes and choose the right energy-efficient storage tier to store the data.
Common anti-patterns:
- You do not identify data assets with similar characteristics (such as sensitivity, business criticality, or regulatory requirements) that are being processed or stored.
- You have not implemented a data catalog to inventory your data assets.
Benefits of establishing this best practice: Implementing a data classification policy allows you to determine the most energy-efficient storage tier for data.
Level of risk exposed if this best practice is not established: Medium
Implementation guidance
Data classification involves identifying the types of data that are being processed and stored in an information system owned or operated by an organization. It also involves making a determination on the criticality of the data and the likely impact of a data compromise, loss, or misuse.
Implement a data classification policy by working backwards from the contextual use of the data and creating a categorization scheme that takes into account the level of criticality of a given dataset to an organization’s operations.
Implementation steps
- Conduct an inventory of the various data types that exist for your workload.
  - For more detail on data classification categories, see Data Classification whitepaper.
- Determine criticality, confidentiality, integrity, and availability of data based on risk to the organization. Use these requirements to group data into one of the data classification tiers that you adopt.
  - As an example, see Four simple steps to classify your data and secure your startup.
- Periodically audit your environment for untagged and unclassified data, and classify and tag the data appropriately.
  - As an example, see Data Catalog and crawlers in AWS Glue.
- Establish a data catalog that provides audit and governance capabilities.
- Determine and document the handling procedures for each data class.
- Use automation to continually audit your environment to identify untagged and unclassified data, and classify and tag the data appropriately.
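The audit step above can be automated with a check like the following. This is an added example, not code from the AWS guidance: the tag key `DataClassification` and the four tier names are assumptions, and the inventory is a constructed sample shaped like the `ResourceTagMappingList` returned by the Resource Groups Tagging API `GetResources` operation.

```python
# Assumptions (not from the AWS page): the tag key and the adopted tier names.
TAG_KEY = "DataClassification"
TIERS = {"public", "internal", "confidential", "restricted"}

# Constructed sample in the shape of a GetResources ResourceTagMappingList.
# All ARNs and the account ID are placeholders.
SAMPLE_INVENTORY = [
    {"ResourceARN": "arn:aws:s3:::example-logs",
     "Tags": [{"Key": "DataClassification", "Value": "internal"}]},
    {"ResourceARN": "arn:aws:s3:::example-exports",
     "Tags": [{"Key": "Owner", "Value": "analytics"}]},
    {"ResourceARN": "arn:aws:dynamodb:us-east-1:111122223333:table/example-orders",
     "Tags": [{"Key": "dataclassification", "Value": "Confidential "}]},
    {"ResourceARN": "arn:aws:s3:::example-scratch",
     "Tags": [{"Key": "DataClassification", "Value": "tbd"}]},
    {"ResourceARN": "arn:aws:s3:::example-empty", "Tags": []},
]


def classify_finding(tags):
    """Return (status, detail) for one resource's tag list."""
    exact = [t["Value"] for t in tags if t["Key"] == TAG_KEY]
    if exact:
        value = exact[0]
        if value in TIERS:
            return "ok", value
        if value.strip().lower() in TIERS:
            return "nonconforming", f"value {value!r} needs normalising"
        return "invalid", f"value {value!r} is not an adopted tier"
    # Tag keys are case-sensitive: a near-miss key never matches TAG_KEY.
    near = [t["Key"] for t in tags if t["Key"].lower() == TAG_KEY.lower()]
    if near:
        return "nonconforming", f"key {near[0]!r} should be {TAG_KEY!r}"
    return "untagged", "no classification tag"


def audit(inventory):
    """Group (ARN, detail) pairs by finding status; 'ok' resources are omitted."""
    findings = {}
    for res in inventory:
        status, detail = classify_finding(res.get("Tags", []))
        if status != "ok":
            findings.setdefault(status, []).append((res["ResourceARN"], detail))
    return findings

if __name__ == "__main__":
    for status, items in sorted(audit(SAMPLE_INVENTORY).items()):
        for arn, detail in items:
            print(f"{status:14} {arn}  ({detail})")
```

Separating "nonconforming" from "untagged" matters because a misspelled key or value means someone attempted classification, so the fix is normalisation rather than a fresh classification decision.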