|
The security policy should clearly identify levels of security that surround a certain document / information. With physical documents, papers and folders, you can use the phrases “Company/Client Confidential” or “Restricted to Users”.
In a network, where it is difficult to insert a label to a file, access permissions are set.
Labels on information should include the following:
- Software name and version number
- Name of the author of information
- Description of files
- Access Permissions
- Classification of information (Company Confidential, Client Confidential or Restricted to Users Only, etc.)
In a network, you will not able to read the label on a file but when trying to view the file, you see a screen indicating that "You do not have access" or "Access Denied".
When dealing with files that are critical, it will not be uncommon to find that these files will be protected via encryption. Encryption is the process of making a file unreadable to anyone other than the authorized viewers of that file. |
