Data classification is the process of organising data into categories depending on its type, sensitivity and importance to help protect and manage it effectively.
It matters in cybersecurity as it is the cornerstone of a strong data security strategy, allowing for visibility of data and enabling effective access control and regulatory compliance, reducing the risk of breaches and severs.
There are three types of data classification: structured, unstructured and semi-structured.
Structured data is formatted and organised into rows and columns, making it easy to identify and search, like data in a spreadsheet.
Unstructured data does not have a defined structure, such as social media posts, whereas semi-structured data has some structure to it, like XML data.
There are several data classification techniques, and each has its own best practices, which need to be considered when undertaking a data protection strategy.