Document Classification

Document Classification and its importance

The ownCloud Document Classification feature was designed to empower organizations to restrict access to files based on their content and/or meta-data, to secure the process of file sharing and prevent unauthorized access to documents and consequent data breach. Data Classification at ownCloud works with the system of tagging.

Human errors, lack of user awareness about data security, negligence and hacking attempts often lead to data loss and data abuse, resulting in disastrous losses for the company in terms of finances and goodwill. Document Classification prevents this by providing a strong layer of security for critical data and also fulfils data compliance requirements (like GDPR).

This feature is particularly useful if your company deals with valuable and/or sensitive data, for example, financial data, contracts, blueprints, and so on.

In summary, Document Classification enables ownCloud providers to:

• Comply with information security standards like ISO 27001/2
• Handle data in compliance with GDPR
• Manage risks effectively and cover potential data breaches
• Display the data classification levels to raise user awareness
• Prevent human mistakes when dealing with sensitive information
• Fulfil corporate data protection requirements

Document Classification and Risk Management

Data might be exposed to risk and non-compliance from varied sources. Document Classification is designed to enable enterprises to manage data protection requirements unique to their industry type and company structure, including the following:

• Internal risk management
• Regulatory requirements
• Industry-specific recommendations

Document Classification and Tagging

Document Classification in ownCloud is carried out through the tagging system. Tags can be of various types:

• Manual tagging (performed by users), for example, invisible files (only by admins), filter files etc.
• Automated tagging based on user or file properties

                     – Users

                     – File type, size etc.

• Automated tagging based on document metadata

Policy Enforcement

With the help of this feature, enterprises are able to define guidelines for content and security levels:

               – Public / Internal / Confidential / Strictly Confidential

               – Associate with contents

• Classify documents according to the guidelines
• Enforce policies based on classification levels

Furthermore, enterprises can enforce various kinds of policies: 

• Access policies (accessible with the File Firewall extension): It enables users to combine classification levels with specific user groups, for example, a specific group of users might be restricted from accessing documents tagged as Confidential, even if the files are shared with them accidentally.
• Feature Policies

                     – Classification

                     – Prevent Upload

                     – Prevent Link Sharing (for example, restrict external sharing for confidential files)

                     – Unprotected files expire after a specified period (for example, public files can be exempted from the rules imposed on internal files and made available for a longer period)