Understanding the Set of Labels

The next step is to decide:

• How to encode the labels into the classifications and compartments that make up sensitivity labels and clearances,

• What kinds of handling instructions should appear on printed output.

  The Security Administrator used a large board and pieces of paper marked with the words that should be in the labels, as shown in Figure 5-7, to visualize the relationships and rearrange the pieces until they all fit together.

  The administrator came up with the following:

• The four labels are hierarchical with the label containing REGISTERED the highest and the PUBLIC label the lowest.

• Only one label needs to be associated with group names

  The list of those cleared to receive registered information is limited on a case by case basis, so REGISTERED does not need any group names. INTERNAL_USE_ONLY applies to all employees and those that have signed nondisclosure agreements, and PUBLIC labels are for everybody, so neither of these labels needs further qualification. The NEED_TO_KNOW label does need to be associated with non-hierarchical words, such as NEED_TO_KNOW MARKETING or NEED_TO_KNOW ENGINEERING. The words that identify the group or department can also be included in a user's clearance, as part of establishing that user's need to know.

• Each of the labels except PUBLIC require that the person accessing the information must have signed a nondisclosure agreement.

  A phrase such as NON-DISCLOSURE AGREEMENT REQUIRED would be a good reminder that this requirement exists.

• The handling instructions on banner and trailer pages should have clear wording on how to handle the information based on the classification and on any group name that may appear in the label.

  Along with information on the sensitivity of the printer output, handling instructions should remind the reader that a nondisclosure agreement is required for any output whose label requires it.

Figure 5-7 Example Planning Board for Label Relationships