Help Center
News
Help Center
News
Popular
Architecture and High-level Information
Scans
Agents
How to Use Dashboards
How to Use Data Asset Inventory
How to Install\Uninstall and Set Up Spirion Sensitive Data Platform
How to Use Logs
How to Manage Users and Roles
Settings and Resources
How to Use Agents SettingsHow to Use Data Retention SettingsHow to Use Notifications SettingsHow to Use Remediation SettingsHow to Use Scan SettingsHow to Use Updates SettingsHow to Use Global Ignore ListsData Asset Inventory SettingsPassword PolicySpirion Sensitive Data Platform Console Site Whitelist
Global Classifications
How to Classify Sensitive DataHow to Use Global ClassificationsClassification PersistenceHow to Create a Custom ClassificationExamples of Various Classification Types How to Edit a ClassificationHow to Search for a ClassificationHow to Delete a ClassificationHow to Export ClassificationsHow to Import ClassificationsHow to Bulk Export Classifications
Global Data Types
SearchAPI
Script Repository
Additional Resources
Reports
Reporting API
Customer Support Articles

Classification Persistence

There are three different types of data classification that can be applied to sensitive data scanned by Spirion Sensitive Data Platform.

Overview

  • Persistent classification is vital for consistent data management
  • Data at rest and data at motion both require classification persistence
  • archTIS Spirion persistently classifies data at rest using privacy-grade accuracy to label files with metadata which then informs in-motion data loss prevention (DLP) controls.
  • Whether applied manually or automatically via Scan Playbooks, classification labels are critical components to protecting sensitive information.
  • Using persistent archTIS Spirion-applied labels, DLP solutions focus on performing actions rather than inspecting content, acclerating accuracy and performance

For a high-level video overview of file Classification, Persistence and how it dovetails with data loss prevention tools (DLPs) watch this archTIS Spirion Classification Demo.

What is File Classification Persistence?

File classification persistence refers to the ability of a file's security classification (for example, "Confidential," "PII," "Internal") to remain with the file, regardless of how or where it is moved, copied, renamed, or attached to an email.

This ensures that the classification travels with the data.

What are the Different Types of Classification Persistence?

There are three different types of sensitive data classification persistence:

  • Persistent
  • Semi-persistent
  • Non-persistent

Persistent

In persistent classification, classifications are embedded within the file metadata ensuring the classification persists even when the file is moved, emailed, or copied.

  • In Spirion Sensitive Data Platform, the following file types support persistent classification:
    • Office 2007+ files that utilize the XML schema (those with a trailing 'x,' that is, ".DOCX")
    • XMP
    • GIF
    • BMP
    • PDF

Semi-persistent

In semi-persistent classification, classifications are added to the alternative data stream (ADS) “side car” that accompanies the file as it moves around an NTFS file system.

  • In Spirion Sensitive Data Platform the following file types support semi-persistent classification:
    1. There are 4 pieces of metadata written into the ADS, most importantly:
      1. IFClassification_name
        1. Holds the classification name(s)
      3. IFClassification
        1. Holds the classification GUID(s)
    3. Any file on an NTFS file system supports this type of classification
    4. If the file leaves the file system, the classification does not leave with it

Non-persistent

In non-persistent classification, classification is retained only within the Spirion application.

  • In Spirion Sensitive Data Platform the following file types support non-persistent classification:
    • Called “In database” for Spirion Sensitive Data Manager (SDM).
    • Any file or “location” (file or email, including file path) retained by the application can be classified


Was this article helpful?

Powered by Product Fruits