Data classification describes the process of identifying and categorizing sensitive data based on predefined criteria such as the level of sensitivity, level of risk, etc. Organizing the sensitive data and creating an inventory based on its severity level and impact helps you implement effective data governance, security controls (encryption, principle of least privilege, etc.) and regulatory compliance as per International Standards Organization (ISO), General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS), California Consumer Privacy Act (CCPA) and other data protection or data privacy regulations. This process is crucial for protecting data, quickly resolving any issues, and minimizing the risk of unauthorized access or data loss that could lead to financial and business implications.

DSPM uses predefined DLP engines and dictionaries for data classification and offers visibility into what type of sensitive data is stored in your cloud resources, the region where the data is stored, the files containing sensitive data, the severity of risk associated with the sensitive data, etc. Some of the common sensitive data categories include personally identifiable information (PII), health records, financial records, credit card numbers, government records, etc. To learn more, see About Data Inventory.

Data classification includes the following benefits and enables you to:

• Know what type of data is stored in your cloud resources.
• Know in which region this data is located.
• Know the users, roles, or services that are authorized to access the data.
• Know how the data is stored and managed.
• Evaluate the severity of risk associated with the data and prioritize remediation.
• Implement compliance regulations and internal controls for data governance.