Data Leak Prevention - Protect Your Business

Jun 25
21:14

2007

Sam Miller

Sam Miller

  • Share this article on Facebook
  • Share this article on Twitter
  • Share this article on Linkedin

Information is the most valuable resource company has, then it's obvious that we should check carefully IT security and prevent possible information leakages.

mediaimage

Most businesses and other enterprises have access control devices in place such as access control lists,Data Leak Prevention - Protect Your Business Articles defined permissions, encryption, or firewalls, just to name a few.  Yet authorities confirm that these devices are not as effective as one would hope, given the vast amount of materials which circulates via the internet.  Probably the majority of these breaches occur because most control features in IT systems and other company directed security measures are focused on those villains who attempt to come into the company records from the outside.  Most companies are less aware and thus more subject to violations of electronic access due to inside access, whether malicious or accidental.

Last year, a Global Security Study reported that a staggering 49% of companies stated they had experienced a breach of security from internal sources.  Specifically, of this group, the majority of incidents (31 percent) were caused by a virus or worm experience, nearly one third were through deliberate fraud by an insider.  another 18 percent reported data leakage.  Nearly all the the respondents reported concern about employee misconduct in regard to data systems.

There are several types of products designed to help block data leaks from the corporation or business network.  The first is software which is used to audit transactions.  It is an after the fact record of information leaving the business system to another location which may or may not be authorized.  Such software may be combined with incident response software. Other software takes a stand alone approach to enforcement.

Many of the protection methods are important as tools to prevent data leaks which occur through laziness of an employee, policy violation by a person who may or may not be aware of policy, or by just plain foolish actions on the part of the user.  These techniques will not, and indeed are not intended to stop a deliberate and malicious attempt to steal data, at least not every attempt.  But, used as part of a layered protection system and intended to prevent the major portion of the careless and lazy attempts, there is encouragement that the level of data leak will be significantly reduced.

Much of the compromised information happens because employees are trying to help, not hurt the company.  They may not even be aware that what they are doing, or at least that their actions are a breach of security policies.

An obvious block of sensitive information leaving the organization is via email file attachments. The employee may attach some payroll files to an email and send it to his home account in order to finish the project without having to come back into the office at night or during a weekend, for example.  Data leak products will stop such obvious violations. 

Less obvious methods where confidential or proprietary information can occur is instant messaging, HTTP and FTP links.  Most data leak products produce a profile of intellectual property belonging to the organization and then scan all outgoing packets to block output of such packets.  This type of protection can even view encrypted information to prevent it from leaving the business inappropriately.

Encryption of data on mobile devices is another layer of protection to prevent the growing problem of data leak.