Information Security Classification (ISC)
Configuration Scope: Exportable
This setting is included in configuration exports and will be the same across all environments once the config file is imported.
Overview
Information Security Classifications (ISC) control record-level permissions, influencing who can access the record. Manage available options from the ISCs tab.
When creating an ISC you are providing users the ability to choose from the following types of ISCs:
- "Open" means normal role-based permissions apply to the record, which could include org-wide access, if that is what your organisation chose
- "Restricted" means restrictions apply to the record, limiting permissions for access to only users with matching Role Assignments and Access Caveat** permissions
**Access Caveats appear as a drop-down menu on the record when user selects a Restricted ISC. For details see Access Caveat Configuration
Add ISC
- Click Add Information Security Classification to create one
- Add a Name of the ISC (make the name meaningful and obvious so the user understands which ISC to choose)
- Add the Order in which the ISC should appear on the user's dropdown (starting from 0)
- Select the Access Level (Open or Restricted) that the ISC should enable - this is key to ensuring the right permissions scenario is activated!
- Save the ISC
Manage ISC
- Locate an ISC
- Click Edit to modify ISC details
- Click arrow next to Edit for Delete option
ISC vs Sensitivity Labels
Information Security Classifications (ISC) in Brief Connect and Purview Sensitivity Labels (SL) in the M365 platform are two different but complementary protection mechanisms: - ISCs in Brief Connect control who can see the record in Brief Connect and is stored as record metadata - SLs in M365 offer Data Loss Protection for the files associated with the Brief Connect record, that are actually stored in SharePoint Online. ISLs control what can be done to the files ie prevention of copying or external sharing