A company is building a ServiceNow application to manage employee onboarding. They need to store personal data like social security numbers (SSNs) and medical information. Which data classification scheme should they apply to these fields to ensure proper encryption and access controls?
Trap 1: Confidential
Confidential is for business-sensitive data, not the highest level.
Trap 2: Internal
Internal is for general internal use without special protection.
Trap 3: Public
Public is for non-sensitive data accessible to all.
- A
Confidential
Why wrong: Confidential is for business-sensitive data, not the highest level.
- B
Internal
Why wrong: Internal is for general internal use without special protection.
- C
Highly Confidential
Correct, this is the highest classification for sensitive personal data.
- D
Public
Why wrong: Public is for non-sensitive data accessible to all.