Confidentiality¶
As of now Agoora does not support any dedicated way on how to classify data within a topic for confidentiality. However, as data in Kafka topics are also data assets, a proper classification is needed to achieve the appropriate handling. Agoora supports the management of tags which can be used to classify the data. Additionally for highly classified data Agoora also supports security trimming so that only certain people have access to the description within Agoora. This does not help with the management of Kafka however, thus we always recommend to add a classification based on tags.
We suggest using the following classification:
| Identifier | Text | example | description |
|---|---|---|---|
| C4 | Public | public documentation, API, Open Data | No special restrictions needed. Can be made public without further consideration |
| C3 | Internal Use | Employee Handbook | Free for internal use. No special restrictions to protect against access of internal entities. Has a minimal impact on business if leaked. |
| C2 | Restricted | pricing, marketing materials | Access to data requires special privileges. Should not be freely shared with third parties and allowing others access needs some consideration. Will have a negative impact on business if disclosed. |
| C1 | Confidential | health data, PI data, trade secrets | Access to data is highly restricted. Should only be shared with key people on a need-to-know basis and handled with care. Significant damage to business if disclosed |
As tags we suggest to either use the short form (e.g. C1), the text form (e.g. Confidential), or a combined form (e.g. C1-Confidential). Use whichever suits your usecase best and whichever is best understood in your context.