Titus Labs Classification: Update

The correct classification of certain types of electronically stored information (ESI) is important. It’s a big help with things like:

  • Information retrieval, access control, and retention/deletion.
  • Compliance and policy enforcement.
  • Data security: to prevent inadvertent disclosure and trigger encryption.
  • Protection of intellectual property.

Ideally, ESI is automatically classified. However, this is often unreliable, and manual classification thus has a role to play. Having the user assign a business category helps determine the proper handling of the data and can trigger the right protection at the right time.

Titus Labs is a leader in the field of user-based ESI categorization. In summary:

  • Support for Outlook and OWA email, plus Word, Excel, and PPT documents.
  • Users choose the classification from a pick list.
  • Processing of emails can be varied based on policy. For example, users can be asked to check if they really want to send an email to a recipient, or they can be forbidden to do so.
  • Uses a client plugin (except for OWA support).
  • Little head-on competition, although data leak prevention vendors represent some level of competition.
  • Company has mainly focused on military and government markets, and these represent around 70% of current revenues. Here classification schemes have been long established and are well understood.
  • Company is now expanding its marketing efforts to commercial organizations.
  • Revenues not disclosed; Ferris Research estimates them at $7M to $9M.

There are no standard methods to store classifications. Titus stores email categories in MAPI properties or in X-headers; for Office documents, they go in document properties or XML. This allows category information to be shared with third-party technology.

David Ferris

One Comment

  1. kille
    Posted August 14, 2008 at 1:54 AM | Permalink

    This bulletin notes:

    “There are no standard methods to store classifications. Titus stores email categories in MAPI properties or in X-headers; for Office documents, they go in document properties or XML. This allows category information to be shared with third-party technology.”

    The first sentence is not true. There are several standard encodings for Security Classifications, such as ESS Security Labels defined for S/MIME, which provides a solution for this. X.400 and X.500 also define standard use of labels.

    There is some information on this in the Isode white paper: “Access Control using Security Labels & Security Clearance”: http://www.isode.com/whitepapers/security-labels-clearance.html

    Steve

  2. dferris
    Posted August 14, 2008 at 2:15 AM | Permalink

    Thanks Steve. I stand corrected. I imagine this classification machinery has a military provenance; it would be good if the industry can leverage this substantial past experience.–david

Post a comment

You must be logged in to post a comment. To comment, first join our community.