Data Classification Policy¶
Version 1.0 | Classification: CONFIDENTIAL — Internal Use Only
Purpose¶
Establish data handling tiers for all information managed by GPUS-IT to ensure appropriate controls are applied based on sensitivity.
Classification Tiers¶
| Tier | Label | Description | Examples |
|---|---|---|---|
| 1 | PUBLIC | Approved for public release | Status page uptime data |
| 2 | INTERNAL | Internal use only; no external disclosure | Infrastructure documentation, runbooks |
| 3 | CONFIDENTIAL | Sensitive operational data; restricted to IT staff | Server configs, credentials, backup archives, DNS zone files |
| 4 | RESTRICTED | Highest sensitivity; access by named individuals only | DNSSEC private keys, VPN PSKs, admin credentials |
Handling Requirements¶
| Tier | Storage | Transmission | Disposal |
|---|---|---|---|
| INTERNAL | Any GPUS system | Encrypted in transit | Standard deletion |
| CONFIDENTIAL | GPUS systems only; no personal devices | Encrypted in transit; VPN required | Secure deletion |
| RESTRICTED | Encrypted at rest; management network only | Never transmitted in plaintext | Cryptographic erasure |
Current Restricted Data¶
- DNSSEC private keys:
/var/named/keys/*.private— chmod 600, root:named - VPN pre-shared key:
terraform.tfvars— access restricted to IT Admin - Admin passwords: 1Password / secure vault — never stored in plaintext files
Review¶
Reviewed annually by IT Manager and Security Ops.
Data Classification · v1.1 · 2026-03-14 · GPUS-IT · Classification: CONFIDENTIAL — Internal Use Only