An enterprise data leak is a scary proposition. Security practitioners have always had to deal with data leakage issues that arise from email, IM and other Internet channels. But now with the proliferation of mobile technology, it's easier than ever for data loss to occur, whether accidentally or maliciously.
Preparing for data protection
While there are plenty of tools on the market for keeping mobile and stationary data from leaving the company surreptitiously, the best ones use a combination of prevention and detection methods, such as a detection engine and a data blocker.
However, before doing anything, it's crucial to understand what data types are being protected and the level of risk. You should create and codify data classification levels for all of your company's data according to the organization's IT security standards. Data types can be ranked on a scale from low to high, based on the risk of its loss or exposure.
Some examples of high-risk data might include the following:
Once you understand what data should be protected and have classified and documented risk levels, you can begin investigating which tools would best suit your enterprise's needs.
Data leakage prevention tools
Data leakage prevention tools can be roughly compared to application-level firewalls. Like firewalls, they examine the content of outbound data, rather than just ports and packet types, and ultimately decide what can leave the company. When investigating data leakage prevention tools, you'll find that the three big players in the market are Vontu Inc., Reconnex Inc. and Vericept Corp.
Since these products are network appliances that simply sit behind firewalls, it is important to ensure they integrate with your existing securit
To continue reading for free, register below or login
To read more you must become a member of SearchFinancialSecurity.com
y infrastructure. Vontu's product, for example, can be integrated with products from Cisco Systems Inc., IronPort Systems Inc. and Blue Coat Systems Inc. Reconnex and Vericept products also work with Blue Coat and other Web proxies.
Mobile devices and data leakage
Mobile devices present yet another challenge for data leakage. USB keys, Bluetooth devices or removable CD drives, for example, can all circumvent network controls without a system administrator's knowledge. As hardware storage devices, they outdo the sophisticated Internet and Web-monitoring tools just described.
One such tool, Safend Protector V3.0, can be installed as a client on all the desktops and laptops in your enterprise. It can be centrally managed via a Web-based interface and, like the Web monitoring tools, can be tuned to check for certain types of data being moved through USB, Firewire or wireless ports. The tool is tamper-proof, invisible to users, and silent until something is connected to an external port. Additionally, Safend Protector V3.0 can be tuned to completely block access to any removable device, restrict certain devices based on capacity, or allow read-only access and policies can integrated into the Group Policy Objects (GPO) of Active Directory to provide access to devices for selected users.
At first glance, the problem of data leakage prevention seems overwhelming. But with a few commercially available tools, leakage can be tamed, whether online, through the Web or by storage device.
About the author:
Joel Dubin, CISSP, is an independent computer security consultant. He is a Microsoft MVP in security, specializing in Web and application security, and is the author of The Little Black Book of Computer Security available from Amazon.
