Category: Top » Computers »

Author: Dan Schutte | Total views: 7 Comments: 0
Word Count: 1035 Date: Mon, 10 Mar 2008 6:34 AM

Data Leakage - It Takes More Than One Silver Bullet To Stop It

As you begin to explore Data Leakage, the first awareness is how the perpetrators are usually your own staff. Here we discuss a range of available tools which can be applied to protect against your company. They work in a 'policy-based' framework to enforce security and prevent attempts to leak information. They can be structured to guard against threats specific to your business via your own unique policy requirements. This review will provide you with the knowledge to begin to develop a strategy to control data leakage, and perhaps the vitality of your company.

Types of Solutions

Data Leakage can occur through a variety of methods - some are simple, some complex. As such, there is no single 'silver bullet' to control Data Leakage. However, through a variety of tools and functions, we can manage how-where-when, and who, can access your company's data. These tools can include:

Lexical Analysis - the ability to control email based on the presence of certain keywords and phrases - content filtering. Lexical Analysis can identify passages of confidential text either in the message body or buried within an attachment. With web browsing, it can detect and/or stop attempts to upload confidential text to websites. For example, attempts to use webmail (like Hotmail or Yahoo) to send confidential information.

User Management - the ability to restrict rights for distributing confidential information to authorized persons only. This could mean that financial reports can only be emailed externally by the CFO, or product designs can only be emailed by members of the Executive Team. If another user tries to email a confidential document to an external email address, the message can be blocked and a notification can be sent to your security officer, a supervisor or any other email address you designate. User Management also allows you to restrict the ability to upload certain attachment types to websites. This can prevent unauthorized users from uploading i.e. Excel spreadsheets or CAD files to the Internet without permission.

File Management -allows you to control over 175 different file types. This control can encompass file type, who are the sender and recipient, the presence of key words and other elements. File Management identifies files by the characteristic code signatures of the file type, rather than relying on the name of the file, or the file extension for identification. Using merely the file extension for identification is an unreliable method, and can easily be circumvented by a user by simply renaming the file extension.

File Management Options

There are a wide range of file management options available to protect against data leakage.

Embedded signatures - you can embed code words or alphanumeric markers in confidential documents such as "UNIQUEWORD123," for example. These markers can be made invisible to the reader by making the font white, but they can still be detected by a scan and block any document featuring the code word being sent by an unauthorized user.

Fingerprinting - you can save a copy of any confidential document or file into a "fingerprint" folder. Any email with an attached copy of a file saved in the "fingerprint" folder can then be detected. Any attempt to email or access a restricted file can be blocked and reported.

File Type - specific file types such as CAD, Microsoft Project plans or password protected zip files can be automatically restricted to authorized users only. This prevents general users from emailing files that are not intrinsically related to their job function. They can also detect files embedded inside of other files, such as a Word file inside of an Excel spreadsheet or a database file inside of a zip compressed archive file.

Recipient Blacklisting - allows you to define specific email addresses or domains that you wish to control email communication to. For example, you can set a wildcard rule that states "block all emails to "@mycompetitor.com" unless from the Authorized Users group." This rule would block any email going to your competitor's email domain, coming from an unauthorized email address.

Webmail Blocking - provides the capability to completely block access to blacklisted webmail accounts. However, if you wish to allow users restricted access to webmail for limited personal use, you can block users from uploading certain file types or even adding confidential text.

Anti-virus & Anti-spyware - products will support the use of many popular third-party anti-virus and antispyware scanners. These block Trojan worms and malicious spyware entering your organization via email or the Internet, at the gateway. Viruses and spyware are the most common tools employed by hackers bent on gaining access to confidential information within your organization. Employing a layered approach to virus and spyware protection at the server level also helps to prevent data leakage by external parties.

Conclusion

Effective control of Data Leakage is multi-faceted. The role and policy based structure presents a clear orientation to setting up your systems. As a windfall to the deployment, many organizations discover gaping holes in their current security administration. You will be migrating to a new and disciplined approach to controlling your company's data. Likewise, your policies and permissions will continue to evolve as does your company's direction.

Assure you have the right tools that are dynamic enough to grow and adapt so that your company's interests are always protected. Our tools meet the test daily in monitoring and controlling a company's data. We are in nearly half of all Fortune 500 Companies.

We work with companies to assure their data and messaging is in compliance and secure. Our solutions are state of the art, quick to implement, cost effective and provide the comfort to know your data is secure. A phone discussion is a great way to assess your environment and determine what would be the best action plan. Visit our website www.enclavedata.com to learn more.

You have the responsibility to maintain your company's digital environment, with the right tools you can now also have the control to assure compliance and protect your company's assets.

About the Author

Dan Schutte is the President of Enclave Data Solutions, specializing in messaging security, content filtering, anti-spam software, email/IM archival and compliance. Visit http://www.enclavedata.com to read actual Case Studies of how companies have successfully protected their data networks and messaging.