Tableau Server - Data Classification

Data Classification in Tableau Server: 

Tableau enables users to create meaningful visuals with data to help stakeholders understand the business operation. As Tableau developers and users, we are responsible for the security and management of the underlying data. To mitigate the risk of compromising data, it is critical to learn about data management. Data management helps identify data elements that do not need to be in the underlying data of these Tableau visuals. Thus, LSU IT Security & Policy Office establishes a list of these data elements by classification.

Along with the knowledge, the best practice is to use data elements that you need to create your Tableau visuals. It is NOT necessary to utilize Confidential Data elements in Tableau visuals. It is very critical to prohibit or minimize the usage of Confidential Data and Private Data elements in Tableau visuals. The underlying data may not be visible on the visuals, but it resides in the background with a possible vulnerability.

According to LSU IT Security & Policy Office, data management starts with data classification. Data Classification identifies data into three buckets. It goes from highest and most sensitive to lowest level sensitivity.

• Confidential Data is the highest and most sensitive data. At this level, the protection of data is required by law (i.e. HIPAA, FERPA, etc).  
• Private Data is the moderate level of sensitive data. Also, LSU has a contractual obligation to protect the data.
• Public Data is the lowest level of sensitive data. Protection of the data is at the discretion of the owner or custodian.

Please refer to the link for more detail about Data Classification (www.lsu.edu/its/units/it-security/data-classification.php).