Security/Data Classification

From MozillaWiki
Jump to: navigation, search

READY


The data classification is intended to allow Mozilla to operate effectively in the open while protecting sensitive information.

These data classification levels use the colors of the Standard Levels.


This classification scheme is solely meant to communicate who the intended audiences of a particular file is, not what type of content is contained within the document.


Updates to this page should be submitted to the source repository on github. Changes are detailed in the commit history.

The Mozilla Security Assurance team maintains this document.

Mozilla Data Classification

Sharing data

When sharing or distributing data, documents, etc. you are responsible for setting and changing a classification label. While it is required for all Google Drive documents, it is strongly advised that you use them with any tools and communications systems where Mozillians may share information. (e.g.: text documents, attachments to emails, Matrix topics, and other digital media documents).

Label Definition
Public Data that can be shared with the world.

The audience of this data is meant to be anyone, internal to Mozilla or the wider public.

Mozilla Confidential - Staff and NDA'd Mozillians Only
The audience of this data is any employee of the Mozilla Foundation, Mozilla Corporation or any other Mozilla subsidiary as well as any individual/entity that has an NDA with Mozilla.
Mozilla Confidential - Specific Workgroups and Individuals Only The audience of this data is meant to be specific workgroups or specific individuals. A Workgroup is a specific group of people, like a team. Use of this label requires the author to list out each workgroup and/or individual that the data is intended for, somewhere in the file.

Examples of data classification

The list of examples is not an exhaustive list, nor should this list be taken as classification of types of data, only intended audiences.

Label Examples
Public
  • Mozilla releases a document for public consumption
  • Upcoming product information product teams want to share with the public
  • Job listings on the Mozilla career page
Mozilla Confidential - Staff and NDA'd Mozillians Only
  • Information shared in the monthly MoCo/MoFo internal meeting
  • Bugzilla bugs with the "Moco confidential" or "infrastructure" flags
  • Aggregate survey data about Mozilla employees that is not meant for the public
  • Fox Fooding data for soon to be released products or services which is intended to stay within Mozilla
Mozilla Confidential - Specific Workgroups and Individuals Only
  • Service passwords/credentials
  • Bugzilla bugs with security or restricted flags
  • Proprietary or protected information, code, libraries from Mozilla partners
  • Contracts or legal documents that can't be shared with all of Mozilla
  • Unannounced communication materials (dates, visuals, plans) for campaigns, product launches, etc
  • Firefox release signing keys
  • Specific partner conversations
  • User/personal passwords/credentials
  • Community Participation Guideline (CPG) report data

Deciding how to classify

The list of examples of how to label data is not an exhaustive list and serves an an indication on how to ensure the data classification labels are clearly communicated.

There are always at least two people involved with exchanging confidential information:

  • The Owner is the person who created the file. The Owner and Discloser are often the same person, but not always.
  • The Discloser is the person who provides/sends/shares the information to the Recipient.
  • The Recipient is the person who receives the information.

When in doubt, it's always best to classify at the most specific classification.

All new documents, box.com, etc.

Label every document with its appropriate classification at the top of the document if possible. When possible, we recommend using the header feature of the document.

Google Apps

Label every document (Docs, Sheets, Slides, Drawings, etc.) with its appropriate classification by utilizing the required label functionality.

  • For Docs, we recommend including the label in the header of the document.
  • For Slides, we recommend including the label in the master slide so that it shows on all slides.
  • For Sheets, we recommend creating a dedicated sheet (the tabs at the bottom of the page) either called "Data Classification" or the name of the classification for the entire file. In that new sheet, indicate the data classification.

Wikimo (mediawiki), GitHub public repos

  • All documentation is by default Public on https://wiki.mozilla.org
  • No confidential information may be hosted on the wiki.

Email subject lines

  • Mozilla Confidential - Specific Workgroups and Individuals Only information must be labeled in the subject line and should not be forwarded without the original senders express permission.
  • For other emails, optionally label subjects with the appropriate classification. This one is up to you, but we encourage you to label emails when the subject is sensitive and it is important to alert recipients.

Matrix

Set your Matrix channel topic to start with the classification label. This is also recommended for public channels.

Also ensure that non-public channels are protected by password or channel access control.

Remember that Mozilla Confidential - Staff and NDA’d Mozillians Only and Mozilla Confidential - Specific Workgroups and Individuals Only may not be shared on Matrix.

Ex: "PUBLIC | This is a channel to discuss anything you like about Firefox".

Zoom, Hello, Hangouts, Skype and other video conference tools

  • When using video conferencing, if this is not a public call - ensure that only the people who need to know the information have access to the video conference and chat.
  • Verify the list of participants and verbally announce if you're going to share any non-public information.

Code and configuration deployments

When committing or deploying code that handles credentials:

  • Ensure that the credentials are stored in a separate file (if possible encrypted).
  • Optionally label the file with a comment mentioning it's data classification label (either inside the file or as a file attribute, or even in the file name if it makes sense)