Classification Persistence

File classification persistence refers to the ability of a file's security classification (for example, "Confidential," "PII," "Internal") to remain with the file, regardless of how or where it is moved, copied, renamed, or attached to an email. This ensures that the classification travels with the data.

There are three different types of sensitive data classification persistence:

• Persistent

• Semi-persistent

• Non-persistent

Persistent

In Persistent classification, classifications are embedded within the file metadata ensuring the classification persists even when the file is moved, emailed, or copied.

• The following file types support Persistent classification:

  • Office 2007+ files that utilize the XML schema (those with a trailing 'x,' that is, ".DOCX")

  • XMP

  • GIF

  • BMP

  • PDF

Semi-persistent

In Semi-persistent classification, classifications are added to the alternative data stream (ADS) “side car” that accompanies the file as it moves around an NTFS file system.

There are 4 pieces of metadata written into the ADS, most importantly:

• IFClassification_name

  • Holds the classification name(s)

• IFClassification

  • Holds the classification GUID(s)

  • Any file on an NTFS file system supports this type of classification If the file leaves the file system, the classification does not leave with it

Non-persistent

In Non-persistent classification, classification is retained only within the Spirion application.

• Called “In database” for Spirion Sensitive Data Manager (SDM).

• Any file or “location” (file including file path or email) retained by the application can be classified