• Choose a category
• All
• Classic-Fiction

Sensitive but Unclassified This classification is used for low-level security. It indicates that disclosure of this information might cause harm but wouldn’t harm national defense efforts. The amount of toilet paper a military base uses may be considered sensitive because this information might help an intelligence agency guess at the number of personnel on the base.

Confidential This classification is used to identify low-level secrets; it’s generally the lowest level of classification used by the military. It’s used extensively to prevent access to sensitive information. Information that is lower than Confidential is generally considered Unclassified. The Confidential classification, however, allows information to be restricted for access under the Freedom of Information Act. The maintenance requirements for a machine gun may be classified as Confidential; this information would include drawings, procedures, and specifications that disclose how the weapon works.

Secret Secret information, if disclosed, could cause serious and irreparable damage to defense efforts. Information that is classified as Secret requires special handling, training, and storage. This information is considered a closely guarded secret of the military or government. Troop movements, deployments, capabilities, and other plans would be minimally classified as Secret. The military views the unauthorized disclosure of Secret information as criminal and potentially treasonous.

Top Secret The Top Secret classification is the highest classification level. There are rumored to be higher levels of classification, but the names of those classifications are themselves classified Top Secret. Releasing information that is classified as Top Secret poses a grave threat to national security, and therefore it must not be compromised. Information such as intelligence activities, nuclear war plans, and weapons systems development would normally be classified as Top Secret.

The government has also developed a process to formally review and downgrade classification levels on a regular basis. This process generally downgrades information based on age, sensitivity, and usefulness. There are methods of overriding this downgrade process to prevent certain information from being declassified; some secrets are best left secret.

The military also uses an additional method of classifying information and access, which has the effect of compartmentalizing information. For example, if you were a weapons developer, it isn’t likely that you would need access to information from spy satellites. You would be given special access to information necessary for the specific project you were working on. When the project was finished, access to this special information would be revoked. This process allows information to be protected and access limited to a need-to-know basis.

The process of obtaining a security clearance either for the military or for a government contractor can be quite involved. The normal process involves investigating you, your family, and potentially anybody else who could put you in a compromised position. The process can take months, and it includes agents doing fieldwork to complete, or augment, the investigation.

Roles in the Security Process

Effective security management requires the establishment of a clear set of roles and responsibilities for everyone involved in the process. You’re learning to fill some of these roles as part of your Security+ certification:

Owner The owner of data is primarily responsible for establishing its protection and use. The owner, in most situations, is a senior manager or other decision maker within an organization. The owner is responsible for making sure everyone follows all relevant and appropriate laws and regulations. Ultimately, the owner usually delegates some or all of the roles associated with the data to other individuals in the organization.

Custodian The custodian of data is responsible