The TLP or Traffic Light Protocol is a set of designations designed to help sharing of sensitive information. It has been widely adopted in the security community.

The originator of the information labels the information with one of four colors. These colors indicate what further dissemination, if any, can be undertaken by the recipient. Note that the colors only mark the level of dissemination, not the sensitivity level (although they often align).


The TLP protocol allows you to share sensitive information and keep control over the distribution of the information.


Although fairly simple in usage, some visual clarification on how to use the traffic light protocol – TLP doesn’t hurt.

TLP:RED - Strong limited, only your peers
My information should remain restricted to the people with whom I share the information directly (only people present in a meeting, participating in a conversation, …).
I use TLP:Red when additional parties outside the direct recipient list can not act on the information.
When recipients do not honor the TLP it would impact my privacy, reputation and have an impact on the operations of my environment.


TLP:AMBER - Limited, only people that act on the information
The recipients can share the information with members of the district who need to know.
Use TLP:Amber when I want people to effectively act upon receiving the information.
When recipients do not honor the TLP it carries some risks for my privacy, reputation or operations.


TLP:GREEN - Relaxed, known by the inner-circle
The recipients can share the information in their department or within the district but it can not be put on a website (or any publicly accessible resource whatsover).
Use TLP:Green when the information is useful for all district employees.


TLP:WHITE - Open, known by everyone
This information is available to all staff, students, any other stakeholder, and the general public.  This is typically information sent in email blasts, or posted on our website.
Use TLP:White when there’s no foreseeable risk of misuse.