Information Classification - Benchmark/Wisdom needed

[Jim Moore <jhmfa () CIS RIT EDU>]

I have just formed 2 groups on campus, a group of advisors - for
strategic reasons, and a group of security coordinators (appointed by
their Deans, VPs, Provosts) who obtain the resources for the "virtual
teams", be they technical, managerial, communications, etc.  The reason
that these groups are important, is so that everyone can participate at
roughly the same time.  I have had a hard time getting through the
concerns of using a one on one method.

So yesterday, I present the best understanding of what I had collected.
  Four levels of confidentiality, -- RIT Confidential, 3rd Party
Confidential, RIT - Internal Use Only (optional), and
Public/Unrestricted Distribution (optional - assumed if no classification).

Our admissions/financial aid organization, which deals with a large
intake of paper documents, and mails a lot of information (e.g.
acceptance, and award letters) basically said that we would be adding a
huge burden to them.  So the request was to benchmark information
classification as it related to admissions/financial aid.

1) Does anyone require classification, and marking of the paper documents?

2) Anything that you learned in tuning the process?

3) Any other wisdom to share?

Jim


- - -
Jim Moore, CISSP, IAM
Information Security Officer
Rochester Institute of Technology
13 Lomb Memorial Drive
Rochester, NY 14623-5603
Office: 585-475-5406
Fax: 585-475-7950

"In cases of defence 'tis best to weigh the enemy more mighty than he
seems" - William Shakespeare (Henry V, Act 2, Scene 4)

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.