Sensitive Information

What Does Sensitive Information Mean?

Sensitive information refers to privileged or proprietary information that only certain people are allowed to see and that is therefore not accessible to everyone. If sensitive information is lost or used in any way other than intended, the result can be severe damage to the people or organization to which that information belongs.

Advertisements

Sensitive information may also be called a sensitive asset.

Techopedia Explains Sensitive Information

Some examples of sensitive information are as follows:

  • Personal information, including Social Security Number and bank credentials
  • Trade secrets
  • System vulnerability reports
  • Pre-solicitation procurement documentation, including work statements
  • Computer security deficiency reports

According the Computer Security Act of 1987, organizations must be held responsible for protecting their own sensitive information by providing one or more of the following:

  • Confidentiality: Sensitive information should only be accessible to those who are allowed to see it, not just those who wish to see it.
  • Integrity: Unauthorized users should not be able to make changes to the information, thus compromising its integrity.
  • Availability: Information must be accessible during a certain time and may not be destroyed during that time frame. People with permission to view the data must be able to view it.

The Computer Security Act also requires federal agencies to identify their computer systems that contain sensitive information, establish training programs to increase security awareness, and establish a plan for the security of each computer system with sensitive information.

Sensitive information is not the same as classified information, which is a type of sensitive information in which access is governed by law.

Some sensitive information is called sensitive unclassified information. This is information that needs to be protected, but does not require strict classifications, such as those used for national security information.

Advertisements

Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…