Data Leak Protection: Focus on Inadvertent Leaks

Protecting your company against intentional leaks is virtually impossible.

If a rogue employee wants to steal sensitive data from your organization, here are just some of the ways it can be done. The employee could:

  • Take a digital photo of the document on screen and walk out with the camera.
  • Call their home voicemail and read the document to their voicemail, then transcribe it.
  • Print a sensitive document and walk out with it.
  • Put PSTs containing hundreds of thousands of sensitive emails on a USB drive and leave with those.
  • Upload the files to a VMware image and take the image home.
  • Find a Facebook application that permits file exchange and use that to send the file out of your organization.

And so on.

While technologies now exist to try and cover a wide variety of endpoints--email, instant messaging, Web proxy, USB drives on local PCs, and so on--the most effective policy for most organizations is to focus on inadvertent and unintentional leaks, instead of trying to be all things to all people. In other words, give up on the notion that you can stop leaks by protecting all endpoints. By the time you've addressed all the possibilities you can think of, 10 new ones will have arisen.

After all, most breaches of PCI compliance, for example, have happened by mistake, where spreadsheets or other files containing credit card numbers have been inadvertently emailed outside the sender's organization.

Instead of a breadth approach, start with the leakiest of applications, namely email and instant messaging, and work out from there. Numerous technologies exist--Orchestria, MessageGate, Vontu, Proofpoint, Akonix, FaceTime and others--that provide automated policy enforcement of real-time data.

Starting with an achievable goal will help you address the majority of the threats while keeping your DLP goals grounded in reality.

... David Sengupta

Post a comment

You must be logged in to post a comment. To comment, first join our community.