Restricted environments
About DIFFUSION RESTREINTE [DR] and EUROPEAN UNION RESTRICTED [EU-R] environnements
Definitions
In France, Diffusion Restreinte [DR] (hereafter "DR") applies to a protected information whose unauthorized disclosure could harm the State.
At EU level, the equivalent marking is Restreint UE [R-UE] / EU Restricted [EU-R] (hereafter "R-UE/EU-R"). It follows the same logic and protects information that requires controlled handling across European Union institutions and member states.
DIFFUSION RESTREINTE
WHAT IS IT?
Classification of information
Data, documents, physical assets, processes, IT environments.
REGULATORY BASIS
French law – IGI 1300
Instruction Générale Interministérielle n° 1300.
CLASSIFICATION AUTHORITY
The State
A government authority decides this information must be protected and applies the marking.
RISK IF IGNORED
Unauthorized access or disclosure
of national sensitive information → harm to the French State.
RESTREINT UE / EU RESTRICTED
WHAT IS IT?
Classification of information
Data, documents, physical assets, processes, IT environments.
REGULATORY BASIS
EU security regulation — Council Decision 2013/488/EU
European Union law
CLASSIFICATION AUTHORITY
The European Union
Decides the information requires protection and applies the marking.
RISK IF IGNORED
Unauthorized access or disclosure
of EU-level sensitive information → harm to EU institutions or member states
Data classification and Sovereignty: two distinct but inseparable requirements
Two concepts must not be confused.
- DR & R-UE/EU-R classifications define the sensitivity level of the information, and the security measures it requires.
- Sovereignty defines legal jurisdiction, the governance and security controls to manage access, retain, share and transfer rights on regulated data in a geographic location (ex. GDPR).
These are two distinct requirements yet in practice, one determines the other: the classification level of your information sets the sovereign standards your infrastructure must meet.
Sovereignty is reflected in an information classification scheme. Information systems that host and process classified information must comply with the applicable regulations and security requirements.
How to access, handle and share Restricted information securely in practice
When information falls under DR or R-UE/EU-R classification, protecting the data itself is not sufficient. The entire chain through which it is accessed must meet the same level of security, covering hosting environment, data exchange, handling procedures, and the access methods used. Restricted information requires not only a trusted environment, but an access method that matches its classification level.
A standard access setup is therefore not compatible with DR or R-UE/EU-R classifications. This is precisely where Thales supports its clients.
Two ways to connect
Secure interconnection
Your organization operates a DR or R-UE/EU-R information system?
We connect it directly to TrustNest R-Cloud through a dedicated secure interconnection giving you compliant access to applications, environments, and data flows. This interconnection enables users to access applications, authorized teams to operate environments, and systems to exchange operational data flows in a controlled and compliant manner.
TrustNest R-Mobility
No Restricted environment? No problem.
TrustNest R-Mobility provides a ready-to-use secure information system accredited DR and R-UE/EU-R, enabling fast deployment and immediate operations, without having to build or accredit a dedicated Restricted system.
TrustNest R-Cloud is the sovereign cloud infrastructure compliant with DR and R-UE/EU-R requirements on which our collaborative application (WIMI Restricted) is built. It delivers a secure workspace for organizations that need to process Restricted information under controlled conditions.
The access method is not an add-on. It is part of the solution by design.