Why Sensitivity Labels:

Patriot Growth insurance Services (PGIS) has implemented a Sensitivity Label solution to discover, classify, protect, and govern sensitive information wherever it lives or travels.

What Problems are Solved Having Sensitivity Labels in Place? 

Adding this single sensitivity labeling solution across apps, services, and devices solves potential data security and privacy issues to protect data as it travels inside and outside our organization. The solutions are listed as followed:

  • Discovers, labels, and protects sensitive information such as PII and PHI that resides in our data stores (Cloud or on-premises).
  • Helps prevent unintentional sharing of sensitive items.
  • Protects against viewing of data by unauthorized systems or personnel.

What Are Sensitivity Labels?

Sensitivity labels provide users with options to classify data in Microsoft Office documents according to predefined labels. Once a document is “stamped” with a sensitivity label, the security policy associated with that sensitivity label protects the document’s information. 

Sensitivity labels are used to protect information in web-based versions and Office desktop apps like Word, Excel, PowerPoint, and Outlook etc. and support this platforms Windows, macOS, iOS, and Android environments.

Target Workload for Sensitivity Labels?

Workload

Scenario

General (content) 

Automatically identify locations where sensitive information is stored across the Office 365 landscape

Email

Allow users to manually classify and protect email according to an enterprise classification scheme

Teams communications

Automatically block messages in chats or channel messages that contain certain keywords or other sensitive information?

Office apps

Allow users to manually classify Office content according to an enterprise classification scheme

Sites, Groups and Teams

Allow users to classify and protect sites, groups, and/or Teams when provisioned (container-level protection)

SharePoint Online and OneDrive

Automatically label and protect content containing sensitive information

 

List of Patriot Sensitivity Labels

  1. General – 

Data/information that is freely used, reused, and redistributed with no restrictions on access or usage. Examples can include press releases, brochures, and published research. Information where there would be absolutely no consequences if breached.  This can be public information that is easily accessible on our website or via Google.

  1. Internal – 

Data that is strictly accessible to internal employees/personnel who are granted access. Examples can include company memos, internal communications, and marketing research. Information that is more sensitive and for internal purposes only.  Internal data can also include discussions regarding hiring via email, documents containing how PGIS might use a vendor, RA drafts 

  1. Confidential – 

Data that requires granted access and/or authorization and should be contained within the business or specifically permissible third parties. Examples can include performance reviews, emails from counsel, salary negotiations, and letters of intent. 

  1. Highly Confidential – 

Data that is highly sensitive on a need-to-know basis. If highly confidential data is compromised or accessed without clearance, the  result could resort to heavy legal fines and irreparable company damage. Examples include trade secrets, PII, health information, data protected by federal regulations, and any document or data containing  one or more instance(s) of PII or PHI. 

 

How are Sensitivity Labels Applied?

Sensitivity labels are applied as followed: 

  1. Automatically-

PGIS’ system will automatically apply or recommend a  sensitivity label to files and emails. 

This option allows files, Microsoft SharePoint sites, or emails that contain certain types of information - such as social security numbers, credit card numbers, or other sensitive information types -  to have a specified label either recommended for, or applied, automatically without user intention.

 

  1. Manually-

Users will apply the label manually to files,  Microsoft SharePoint, Teams and emails.

This option requires users to apply a label to their emails and documents. Users must select and apply a sensitivity label under the following scenarios:

  • For labeling in Office Desktop Applications 
    1. Document Labeling (Word, Excel, PowerPoint): When an unlabeled document is opened or saved.
    2. Email Labeling (Outlook): At the time users send an unlabeled email message. 
    3. Outlook Mobile Labeling: Labeling can be changed when the email message is first composed.

A screenshot of a computerDescription automatically generated

Figure 1 - Selecting A Sensitivity Label

 

Justify Changes to Sensitivity Label

Your Patriot system administrator  has a policy in place that requires you to provide justification before changing a sensitivity label from a higher sensitivity to a lower sensitivity or vice versa. In this configuration, you may be asked to choose a justification reason or provide your own explanation when selecting a higher or lower sensitivity label.

The dialog box that appears when your organization requires you to provide a justification for changing a sensitivity label.


Learn more on the Patriot Knowledge Center: Data Storage, Classification, and Sensitivity Labels