M365 - How do I protect documents according to the Data Classification Table?

Adding sufficient protection is important in order to properly secure the classified information.

The table below is a simplified version of the Data Classification table in the Information & Security Policy. Please consult this document as well.

This will help you to decide what restrictions you should add to protect your documents:

Private and Public classified information does not have any special restrictions.

Internal Restricted Sensitive Access Store within SharePoint, file shares or other internal systems restricting access only to Powel employees Store within SharePoint, file shares or other internal systems restricting access only to the authorised employees. Store within SharePoint, file shares or other internal systems restricting access only to the authorised employees.

If available, multi factor authentication is to be enabled. Storage Store within SharePoint, file shares or other internal systems
Store within SharePoint, file shares or other internal systems that has encryption enabled and that are located within the EU/EEU. Store within SharePoint, file shares or other internal systems that has encryption enabled and that are located within the EU/EEU. Transport Share within SharePoint.

Avoid using email to share internal documents.

Do not share with externals without authorisation. Share within SharePoint. If sharing via e-mail, the "Do not forward" function is mandatory.

Do not share documents/attachments classified as "Restricted" using email.

Do not share with externals without authorisation. Share within SharePoint. If sharing via e-mail, the "Do not forward" function is mandatory.

Do not share documents/attachments classified as "Sensitive" using email.

Do not share with externals without authorisation. Disposal None Ensure all copies of the information is disposed in a secure matter. If the information is in paper format, a shredder or secure disposal bin is required. Ensure all copies of the information is disposed in a secure matter. If the information is in paper format, a shredder or secure disposal bin is required.