1.2 KiB
Ideas about enforcement
The coverage of Enforcement tooling will not be complete, if only because their implementation will always be one step behind organizational reality. There will be information assets out of scope, by choice or accident.
There will be situations where the improper handling of assets is not prevented by such tooling, and employees would need to be aware of, or deduce from content, the classification of those assets, and make an informed decission on the proper handling.
The underlying idea is that I personally prefer that people have freedom of choice and be supported in making informed decissions. that is not only morally preferable, but it's a necessigty precisely because there will always be situations in which they need to decide for themselves.
There's also a link here to different stakeholders with different interests. Think of your stereotypical IT Guy, who wants to screw everything down, and Marketing Guy, who wants maximum freedom in the data lake.
Related: