ASSET IDENTIFICATION

An Overview

This toolkit will help small businesses to identify data that is essential to safeguard from external vulnerabilities and ways to classify it into different forms. The following sections covers various type of data that is important and the different categories it can be classified. If you need more information on the below mentioned topics make sure to check out the full article for complete understanding.

What type of data needs to be protected

Protected health information is information, including demographic information, which relates to: (1) the individual’s past, present, or future physical or mental health or condition, (2) the provision of health care to the individual, or (3) the past, present, or future payment for the provision of health care to the individual.

All personally identifiable data about the cardholder (I.e. account number, credit/debit card numbers, expiration date, data provided by the cardholder, other electronic data gathered by the merchant/agent, etc.)

The government uses this number to keep track of your lifetime earnings and number of years worked and can lead to identity theft if not protected.

Username or email, in combination with password or security question and answer that would permit access to an online account.

Accounts within institutions or firms that deal with personal finances that may include investments, assets, or different types of transactions.

It may contain not only a person’s name, address and birthday, but also his or her SSN depending on the state in which the license was issued. This lethal combination can be used to steal someone’s identity and fraudulently open lines of credit in a person’s name.

Broadly data can be classified into following categories

PUBLIC

A dataset is classified as public if there is no harm or impact on the business in case the data set is disclosed or leaked. The examples of public dataset can be contact information, newsletters and press releases.

PRIVATE

A dataset is classified as private when the data contains confidential information related to the organization which could harm the reputation or the business of the company if the data is disclosed or leaked. Examples are contract information, employee reviews and organization charts.

RESTRICTED

A dataset is classified as restricted if the dataset contains important data related to customers or business which could have significant impact on the organization. Examples of restricted data are social security numbers of employees or credit card information of customers.

Cyber attacks are real!

Learn more about the value of protecting personal data

More Toolkits

Identifying Toolkit

Protection Toolkit

Responding Toolkit

Phishing Toolkit