Classification
To get their work done, people at nBold collaborate with others both inside and outside the organization. This means that content roams everywhere, and when it roams, we want it to do so in a secure, protected way that meets our organization’s business and compliance policies.
Here is the list of classification labels we're using, from the least to the most sensitive:
Level | Label | Emoji | Description & Examples |
---|---|---|---|
5 | PUBLIC | 📢 | #public |
4 | EXTERNAL | 🔑 | #external |
3 | INTERNAL | 🔐 | #internal |
2 | CLIENT CONFIDENTIAL | 💥 | #client-confidential |
1 | COMPANY CONFIDENTIAL | 🔥 | #company-confidential |
Public
- Information that is not confidential and can be made public without any material implications.
- Loss of availability due to system downtime is an acceptable risk.
- Integrity is important but not vital.
- Material that can be accessed publicly by any anonymous user (unauthenticated).
External
- Information that is not confidential and can be shared externally without any material implications.
- Loss of availability due to system downtime is an acceptable risk.
- Integrity is important but not vital.
- Material that can be accessed by external non-employees users, such as partners or sub-contractors (authenticated), at the exclusion of clients.
Internal
- Information is restricted to approved internal access and protected from external access.
- Unauthorized access could influence our operational effectiveness, cause a significant financial loss, provide a significant advantage to a competitor or cause a significant reduction in customer confidence.
- Information integrity is vital.
- Material that can be accessed by any employee (authenticated).
Client Confidential
- Information received from clients in any form for holding or processing by ourselves.
- The original copy of such information must not be changed in any way without written permission from the client.
- The highest possible levels of integrity, confidentiality and availability are vital.
- Material that can only be accessed by some specific employees (authenticated).
Company Confidential
- Information collected and used by us in the conduct of our business to employ people, to log and fulfil client orders, and to manage all aspects of corporate finance.
- Access to this information is highly restricted within the our organisation.
- The highest possible levels of integrity, confidentiality and availability are vital.
- Material that can only be accessed by some specific employees (authenticated).