Skip to content

Data Classification

Data Access Security's Data Classification engine identifies and categorizes data based on data sensitivity, its impacts, and the importance of the data to the business.

The Data Classification engine is a mechanism to classify organizational data and to apply categories to that data based on the content of files and data assets residing on the various applications.

Data Classification can leverage preset packaged policies and rules, as well as create custom ones, to identify sensitive information such as personal information, medical records, or payment card information which may by subject to certain regulations such as HIPAA, PCI, and regional data protection and privacy regulations like GDPR, CCPA, LGPD, etc. In addition, policies and rules can be created and leveraged to identify organizational “crown jewels”, such as content that may include intellectual property, classified, or restricted content.

Data Access Security delivers a variety of preset classification rules and policies including policies to identify Personal Identifiable Information (PII), Protected Healthcare Information (PHI), and information subject to GDPR regulation, and rules to identify different data elements such as Payment Card Information and various national identifier patterns, among others.

In addition, administrators and compliance managers can customize policies, rules, search pattens, and conditions to create their classification criteria to address their unique needs.

The Classification policies and rules can be leveraged to classify data assets and apply classification categories on the data assets based on their content analysis.

For more information on content-based classifications, see Classification Types.

External Classification

In addition to its native classification capabilities, Data Access Security can also interact and leverage classification tags and categorizations done by external or 3rd-party tools. This can be done in several ways:

  • When the existing classification or data categorization applied metadata tags or attributes to the files or data assets themselves, such as in the case of MIP, Titus and others. Data Access Security will be able to extract and read these classification tags, act on them, and incorporate them into its own classification process.
  • In addition, Data Access Security can import classification tags and data categorization through its Data Classification Import capabilities. Import capabilities can ingest classification results when these are exported to a file-based format, and integrate them into its own classification catalog.
  • These methods can be leveraged to incorporate classification results to encrypted or password protected files and data assets without the need for enabling Data Access Security to read the encrypted or protected content.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.