Inbound/Outbound Content Checking Technology Can be Employed for Internal Inventories

Many vendors now offer products that check that data (email messages, email attachments, HTTP Posts, instant messages) crossing the Internet boundary does not violate regulations, policy, or constitute data theft by an employee or hacker.

The sophisticated data analysis and matching technology employed by these products can also be employed by crawlers that inspect data stored on a variety of shared internal repositories. E.g., they can scan file servers, web servers, databases, and message stores.

This capability is valuable. E.g., it can show where confidential information resides, and possibly also whether it is accessible by internal staff that shouldn’t have such access. Expect vendors of boundary content analyzers to start providing this repository scanning capability. An early example is Vontu, with its Vontu Discover (http://www.vontu.com/news/release_detail.asp?id=313) subsystem, scheduled for September release.

David Ferris and Nick Shelness

One Comment

  1. Posted August 5, 2005 at 11:02 AM | Permalink

    While the idea of an inventory of confidential documents is an excellent one, I think this approach seems flawed from the point of view of overhead on resources and humans monitoring and tagging what is sensitive and what is not. Does this really scale to thousands of users and millions of documents? My second worry is that these crawlers are not really analyzing content but are actually using signature-based methods which tend to be fairly heavy weight. So, can you help me understand how this is not really going to weigh down performance and infrastructure and IT people resources? Thanks!

Post a comment

You must be logged in to post a comment. To comment, first join our community.