Technology Reference

Tag Policies

Data GovernanceMedium ComplexityLearning: Medium

Govern what tags exist and who can apply them

// Guidance

Decision Guide

✓

→Multiple teams are tagging data independently and inconsistently
→Building ABAC policies that depend on accurate, consistent tags
→Need mandatory classification before data can be shared
→Tag values are proliferating (e.g., 'pii', 'PII', 'personal_data' all meaning the same thing)
→Governance team needs to control the classification taxonomy

✗

// Details

Vs Ungoverned Tags

governed:: Consistent values, controlled vocabulary, reliable for ABAC, requires setup
ungoverned:: Flexible, fast, risk of inconsistency, may break ABAC policies
verdict:: Govern tags before building ABAC policies that depend on them

// Related

1 controls use Tag Policies for implementation.

See how Tag Policies compares to other access control approaches with our detailed comparison table.