Shark Bait

Knowledge Centers

Operating Systems

Networking & Internet

Mobile & Wireless

Security

Storage

Business Intelligence

Servers & Data Center

Computerworld Reports

Industry

See your link here

Michael R. Farnum

Hitting the Security Nerve

Information / Data leak prevention: Somewhat immature market, but worth looking at

1 comment

IT TOPICS:Business Intelligence, Emerging Technology, Enterprise Software & Services, Internet, Security

There are a lot of examples of information / data leakage. Most involve important and confidential information leaving an organization due to accidental emailing or other means. A high profile example is the confidential memo leak in the Hillary Clinton campaign. Though the post by Rebecca Herold says that she doesn't think the leak will hurt Senator's Clinton's campaign, it is an excellent example of lack of control of confidential information. So how can this kind of thing be prevented?

There are several companies out there that fall into the DLP / ILP space. While I cannot list them here (since I sell a few of them), I can say that many of them do a great job at stopping data from leaking out. However, they all do things a little differently. Some focus mostly on data at rest, meaning data that is stored on file servers or other storage platforms (NAS, SAN, tape, etc.). Others look at data in transit, meaning as data is moved about via email or other means.

As an aside, an interesting look at this has been introduced by LonerVamp at terminal23.net. He says there is another mode called data at use which is the hardest mode to protect against leakage. This is focused on the malicious insider to a high degree since stealing data is use is probably going to be done in by low technical means (writing down information from a monitor, etc.).

Like all technologies, it takes a thorough determination of your business needs and evelop a policy on what you want to prevent. Then you can decide which product best meets that policy. But as with newer technologies, it also takes knowing what ILP / DLP does in order to understand what your business needs are. I would suggest looking into the manufacturers of this type of technology to see what requirements they have developed. Between a few, you should be able to come up with a decently comprehensive list of what is possible to do with the technology. Also, a decent start on learning what the technology does is at Wikipedia. The entry also has some good links to other research papers on the subject.

Email this

Digg this

What People Are Saying

Add new comment

A good starting point would

Submitted by Craig Herberg on June 3, 2007 - 6:45 P.M.

A good starting point would be to develop data handling policies, determine what information you have to have, decide who the organization needs to have access to it, and then look at technologies to safeguard. Needless to say, more information handled by more people in a wide array of ways creates a management nightmare. Make sure not to overlook social engineering. It's not necessary for those who want your information to storm your gates, when a phone call will do the job.

Reply | Report this comment