Providing Critical Data And Achieving Compliance – A US Defense Perspective

The Challenge

The security of information is critically important to organizations within the global defense sector. The sensitive data they are entrusted with as a result of the confidential nature of their work, and the type of customers they deal with, must be protected.

In defense, even a data breach that might be considered relatively minor could have severe consequences for the organization’s reputation and finances, and – even more seriously – for national security.

The information organizations process and handle on a daily basis often requires them to comply with various strict regulations and standards, such as export control, including ITAR/EAR, and government regulations including CUI and NIST.

Data classification is a simple concept that offers the enterprise wide, business critical protection defense organizations need.

Why Choose Fortra's Classifier Suite

  • We integrate with powerful data security and governance ecosystems
  • We protect business critical data, improve data control and reduce risk
  • We deliver improved and streamlined business performance
  • We are a “safe pair of hands” that constantly deliver success

The Solution: Classify Data To Shield The Organization From Risk

Implementing data classification software enables an organization to attach clear, consistent visual and metadata markings to messages, documents and files. Visual marks let users know how the information should be handled, while the metadata automatically enforces security policies by directing downstream solutions and technologies to control information flow and use to authorized individuals only.

There is a straightforward and powerful imperative for defense organizations to invest in a data classification solution: if you do not know what information you have, and how sensitive it is, you cannot ensure it is appropriately protected and controlled. In addition, without being able to prove that data is being properly safeguarded, organizations will fall short of compliance with regulations, increasing the risk of associated fines and penalties.

Clients within the defense industry have taken a number of very different approaches to implementing data classification. Fortra's Classifier Suite is flexible enough to cater for a wide range of classification and data control policies, ranging from those that involve simply labelling data with ‘ITAR’, for example, to more sophisticated and granular examples that classify information according who is allowed to access or modify it.

The organizations we work with use Classifier to provide an easy platform for:

  • Controlling access to sensitive data
  • Protecting intellectual property
  • Granular data control
  • Data retention
  • Avoiding export control violations (e.g. ITAR, EAR & DFARS) – compliance requires visible warning statements on the front cover of documentation as a minimum
  • Driving other security controls – integrating with technologies such as DLP and email filtering solutions
  • Providing the evidence required to demonstrate full compliance with key regulations

Many defense organizations need to protect sensitive export-controlled information alongside business sensitive information, which require two different classifications. The clients that use Fortra's Classifier Suite have found that its outstanding flexibility allows them to customize the solution to suit their classification needs, for both corporate and regulatory compliance – even making it possible to dual label information that fits into both export control and intellectual property categories.


For our defense clients, implementing a data classification solution has brought return on investment that has met and exceeded expectations. Alongside reducing business risk and enabling them to avoid fines imposed by various export control and data protection regulations, the approach has supported secure and seamless data mobility across business environments.

The organizations that use the Classifier solution also report that they have seen greater security awareness among end users, improved consistency in the application of policies, and security controls working more effectively.

Data classification acts as a critical data safety net, allowing organizations to work from a position of strength knowing they have raised the bar in their compliance efforts.

See Fortra Data Classification in Action