Cleaned up Literature folder

Corpus/ISMS/Data classification/Examples of measures for different TLP classifications.md

@@ -0,0 +1,72 @@
+# Examples of measures for different TLP classifications
+
+*Voor Nederlands, zie [hier](Voorbeelden%20van%20maatregelen%20bij%20verschillende%20TLP%20classificaties.md).*
+
+**TLP: CLEAR**
+- No measures
+- No restriction on the use of AI tools
+- Documents are labeled with TLP:CLEAR
+
+**TLP: GREEN**
+- Access limited to[^1] :
+	- the organization itself
+    - authorized external parties
+    - using MFA (Multi-Factor Authentication)
+- SharePoint/Teams/OneDrive:
+    - placement in folders that are broadly accessible internally is allowed
+    - sharing only with authorized external parties
+    - placement on your personal OneDrive is allowed
+- Cloud services and collaboration tools:
+    - only use solutions approved/managed by the organization
+- Emailing and sending:
+    - additional measures are not necessary (such as encrypted email or secure connections)
+- Use of Co-pilot is allowed
+    - Devices and locations:
+        - storage and access only via managed devices
+        - do not leave devices unattended
+        - printing only on approved/secure printers
+        - physical documents should only be kept in approved locations
+    - Documents are labeled with TLP:GREEN
+ 
+**TLP: AMBER (+STRICT)**
+*All measures/restrictions of TLP:GREEN apply, plus:*
+
+- Access limited to:
+    - specific teams and departments within the organization
+    - specific authorized persons from external parties, under a signed NDA (Non-Disclosure Agreement)
+- SharePoint/Teams/OneDrive:
+    - only place in folders that have limited internal access
+    - only specific external persons may be granted access
+    - placement on your personal OneDrive is _not_ allowed
+- Cloud services and collaboration tools:
+    - only use solutions managed by the organization (specify)
+    - only use services with strict security (such as DigiD or Bank-tokens)
+- Emailing and sending:
+    - only via secure connections, in encrypted form, or via a 'secure mailing' solution (such as Zivver)
+    - data transfer is monitored for abnormal patterns
+- Use of Co-pilot is _not_ allowed
+- Documents are labeled with TLP:AMBER
+
+
+**TLP: RED**
+*All measures/restrictions of TLP:AMBER apply, plus:*
+
+- Access limited to:
+    - specific persons within the organization
+- SharePoint/Teams/OneDrive:
+    - only place in folders accessible to specific employees
+    - external persons may _not_ be granted access
+    - placement on your personal OneDrive is _not_ allowed
+- Full monitoring of data transfer: control and logging of all data traffic
+- Cloud services and collaboration tools:
+    - usage is limited to ...
+- Emailing and sending:
+    - Not allowed
+    - Full and detailed logging of all activities
+- Devices and locations:
+    - no access with mobile phones
+    - printing not allowed
+    - physical documents are kept in locked locations with restricted access (specify)
+- Documents are labeled with TLP:RED
+
+[^1]: Controls [[ISO_27002_2022_NL_BT_5.19 Information security in supplier relationships|5.19]], [[ISO_27002_2022_NL_BT 6.6 Confidentiality or non-disclosure agreements|6.6]], [[ISO_27002_2022_NL_BT 7.2 Physical access security |7.2]]