-
A new approach to setting Security classifications on your Digital Information.
Let’s start with the word “Trust” one of the single most important words in business, industry, construction and information management.
“Without being able to trust information, I don’t value it, and if I don’t value it, I won’t expend any time, money or effort in procuring it, managing it, using it and disposing of it correctly.”
Just one instance of something not trustworthy in your common data environment or CAFM system can then taint the perception of every other piece of data in it. Making all your expense and efforts pointless.
Trust is built by creating information that is needed, of quality and can be easily found, but there is a little more to it than that. Security.
If your information isn’t secure, it could be manipulated by malignant actors, out for criminal profit, commercial damage or in a worst-case scenario attacking the lives and livelihoods of millions of people!
An IT department can assign a security level to a piece of information in a good “zero trust” environment easily enough, but how can we easily understand how secure each set of information needs to be and how to classify it? It is a daunting task when information requirements can run into the hundreds of thousands!
I am yet to see a project that does this in a well thought out and consistent manner. Most just blanket protect information, to a point where it is almost unusable or the people who actually need access so they can make a crucial decision have to wait weeks or months for someone to enable it.
Using a system of systems (see the previous article on Function/Performance Information Requirements) approach as the foundation of your design, construction and operations, allows a very smart way of securing both the physical and digital assets. (and the live links between them!)
-
1 Reply
-
The passage proposes that using a SoS approach with CARVER analysis allows for efficient and effective security assessment and classification of information, especially within large datasets. This, in turn, helps prioritize resources for detailed information requirements and ultimately builds trust in the information used for crucial decision-making.
Log in to reply.