AWS Security Blog

New data classification whitepaper available

We’ve published a new whitepaper, Secure Cloud Adoption: Data Classification, to help governments address data classification. Data classification is a foundational step in cybersecurity risk management. It involves identifying the types of data that are being processed and stored in an information system owned or operated by an organization. It also involves making a determination about the sensitivity of the data and the likely impact arising from compromise, loss, or misuse.

While data classification has been used for decades to help organizations safeguard sensitive or critical data with appropriate levels of protection, some traditional classification approaches lacked specificity and would place large amounts of differing levels of data under the same strict tier. Regardless of whether data is processed or stored in traditional, on-premise systems or the cloud, data classification is a starting point for maintaining the confidentiality—and potentially the integrity and availability—of data based on the data’s risk impact level, so setting the right level of specificity matters.

This whitepaper is focused on best practices and the models governments can use to classify their data so they can more quickly move their computing workloads to the cloud. It describes the practices and models that have been implemented by early adopters, and it recommends practices to meet internationally recognized standards and frameworks.

If you have questions or want to learn more, contact your account executive or contact AWS Support.

Want more AWS Security news? Follow us on Twitter.