this post was submitted on 07 Apr 2024
497 points (95.6% liked)
Security
5043 readers
1 users here now
Confidentiality Integrity Availability
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
No, it literally cannot be both, full stop. There should rigorous, well defined procedures and processes for handling classified data, and chiefly among those should be something along the lines of "don't upload classified documents to a publicly-available internet-connected location/service/filestore/etc". If it's not, a security officer has not done their job.