Sensitivity Labeling: Categorizing Data to Improve Security
Sensitivity Labeling: Categorizing Data to Improve Security
As an employee or contractor with BDSCS, you are an integral part of our data use and protection policies. Please review this short document on label use within Office 365, and do not hesitate to reach out to the Help Center if you have questions on this topic.
Applying Data Labels:
1.) Create a new document.
![]()
![Screen_Shot_2022-12-16_at_9.29.23_AM.png]()
2.) Enter your sensitive data.
![Screen_Shot_2022-12-16_at_9.29.35_AM.png]()
![]()
3.) Don't save without adding a label!
![Screen_Shot_2022-12-16_at_9.29.49_AM.png]()
![]()
4.) Use the sensitivity label tab shown to select a label.
![Screen_Shot_2022-12-16_at_9.29.59_AM.png]()
![]()
5.) Our document is now labeled.
![Screen_Shot_2022-12-16_at_9.30.08_AM.png]()
![]()
6.) Labeling is complete and your document can now be saved. If no label is manually selected, the document will default to Business\Internal on save.
![Screen_Shot_2022-12-16_at_9.30.18_AM.png]()
![]()
When To Use Which Labels:
The default label for documents (Word, Powerpoint, Excel, etc.) is Business\Internal, while the default label for emails is Business\External. Please note: This is subject to change.
Public: The public label is to be used for information that may be disclosed with anyone regardless of their affiliation with BDSCS. Data with this label can be shared freely and are not monitored.
- Press/Media Releases
- Information used for public advertising or marketing.
- Information intended to be passed to consumers (product training)
- Course Catalogs
- Application and request forms
Business\Internal: The business internal label should be used with information that is potentially sensitive and not intended for public knowledge, use, or dissemination:
- Internal Memos
- Emails regarding internal business functions or affairs
- Meeting recordings, outlines, media and or notes
- Internal procedures and policies
- Internal and client contact information
- Privileged client data used by BDSCS
Please Note: Data with this label applied is restricted from leaving the organization.
Business\External: The business external label mirrors the business internal label usage, EXCEPT: It may be shared with external clients, vendors, partners, and/or third parties where necessary to conduct regular business operations:
- Correspondence with clients
- Meeting data with external parties
- Privileged data exchanged with external parties and BDSCS
Confidential\Internal: The Confidential Internal label is used for information that, if made available to unauthorized parties, may adversely affect individuals or the business of BDSCS and our partners:
- Information covered by regulatory laws such as health, employment, financial or other personal info
- Personally identifiable information covered under data privacy laws and regulations including social security, driver's license, and credit card numbers
- Information entrusted to BDSCS by clients, vendors, partners, etc.
- Legally privileged information that is subject to a confidentiality agreement
Please Note: Data with this label applied is restricted from leaving the organization. At a future date, the data will also be protected with encryption.
Confidential\External: The Confidential External label is used for data that is confidential in nature but also must be shared with third parties as a necessity to conduct regular business operations:
- Data that requires security higher than Business External due to its nature (i.e., highly privileged client or employee data)
- Data which may be shared externally but only to the appropriate, explicitly defined parties, and only under strict care
Please Note: At a future date, data with this label applied will be protected with Do Not Forward encryption.
Restricted Use: Restricted Use data includes any information that BDSCS has a contractual, legal, or regulatory obligation to safeguard in the most stringent manner. In some cases, unauthorized disclosure or loss of this data would require BDSCS to notify the affected individual, client, vendor and state or federal authorities. This is the type of data that if lost/leaked, would harm the company, or can give an advantage to our competitors
- Company trade secrets
- BDS intellectual property
- Unencrypted IT security data including passcodes, keys electronic tokens
- Criminal background data
Please Note: Data with this label applied is restricted from leaving the organization.
Thank you for being agile and incorporating sensitivity labeling into your everyday workflow. Little steps like this will make a huge difference in BDS’ operations, organization, and security.
Important Links:
BDS Solutions: Data Classification Policy