Developing supporting processes
Once the enterprise has decided that data classification must occur and action must be taken to prevent misuse and loss of data, there must be processes in place to ensure actions can be taken to enforce and assign accountability for data protection in accordance with enterprise policies and standards. It is good to have a technology that can help the organization, but if it is not operationalized properly it will become a burden and not provide the intended value, therefore undermining security initiatives for secure data storage, transmission, and use. Because data is at the center of the enterprise whether accessed by automated processes, applications, or humans, any changes to secure data must be a collaborative evaluation and implementation as the nature of enterprise data protection is a cross-functional implementation and may require significant resources to implement. All supporting processes need to be identified and developed (if nonexistent) to...
