Comments (0)

Created

November 12, 2010

A Better Approach to Sharing?

If you are responsible in any way for sharing information, whether within government or to the public, appropriately classifying information is always a challenge. There’s a full spectrum of possibilities between full, open disclosure and compartmentalized “need to know”. Especially post 9/11, most US agencies have worked hard to establish guidelines and best practices to allow access to the right information to the right people at the right time. To that end, many agencies have created what in the private sector would be called, proprietary classification schemes. Like any proprietary approach, it works very well within a certain scope, but, it breaks down quickly when confronted with a similar, but, alternative approach. The consequences of such a breakdown can vary from something as simple as an embarrassing situation to a life-threatening scenario.

So, as of November 11th, an Executive Order was signed named “Controlled Unclassified Information” (CUI) that is focused on solving this dilemma across the entire federal government. Assigned by the President, NARA will act as the Executive Agent for this Order, driving a process intended to rationalize the various approaches already in place across the agencies.

Standardization, what a good thing! Not only does this Executive Order pave the wave for a common taxonomy that can be explained, understood, used and defended by everyone, it also sets the stage for the ability to apply automation. As digital information has become the norm, replacing paper as the means to create, store and share, the need for better control mechanisms has never been greater. We see evidence of this in the news all the time. Leaks, whether intentional or not, have become more pervasive. However, without a standard approach to classifying information, leveraging technology to help mitigate the risks has been a challenge.

Imagine if you will, the ability to integrate enforceable, digital policies directly into information in a standard fashion that would be recognized government wide. Such policies would give the government the ability to dynamically control who can see information, how long the information is visible, what people can do with it, etc. Wouldn’t it be useful to have policies automatically assigned to documents to minimize the risks of information traveling to the wrong places?

I am quite encouraged to see policy standards such as CUI come about. What are your thoughts?

To learn about technology from Adobe to help, please take a moment and visit this link.