Archive for category DLP

Fired Employees Leaving With More Than Just Experience

With rampant downsizing in most organizations, corporations now face new frontiers in their efforts in keeping their data secured.

Uncertainty amongst employees leads to more dubious behavior. With most of today’s security products designed to counter external threats, how do you keep the EVIL WITHIN from jeopardizing your security and compromising the sanctity of your data?

Recent surveys conducted by (but not limited to) Symantec and Ponemon indicate that employee exodus has also resulted in tons of sensitive data being leaked out as well. The survey conducted around a thousand participants revealed that an overwhelming majority of employees took a copy of their work with them. According to the survey, CDs remained the most popular mode of sneaking out data with confessions from 53 percent of the participants. Next inline were USBs which had been used by another 43 % while 38% said that they had used Email.

While the more benign of the lot may just keep it as apart of their memory, the more enterprising may have other wily ideas.

, ,


A Matter of Trust

Another commonly raised point related to DLPs, usually by indignant employees is “don’t you trust us?”

It is necessary to elaborate that implementation of a DLP does not necessarily imply lack of trust in employees, in fact it’s there to prevent against any accidental losses. Studies analyzing recent data leakages indicate that a vast majority of disclosures are unintentional and may be attributed to the lack of awareness amongst employees. A majority of instances of leakage scenarios can be traced back to lost USB storage devices or stolen laptops. Social networking sites, blogs and the increasing use of wikis is contributing to incidences of both incidental and intentional leakages.

It is under these scenarios that the implementation of a DLP starts to make sense, prevent malpractices, before they can actually hurt.

, , , , , ,


Guidelines for Setting Up a DLP

Planning to set up a Data Leakage Prevention (DLP) system for your company? With DLP systems costing as much as they do, its common for security managers to think of these new contraptions as the elixir of all their headaches.

Just before you start attaching too much expectations to your DLP, its better to get an insight of what a DLP system is capable of – and more importantly what its not capable of.

DLP is essentially  targeted at risk reduction, not truly elimination of threats. System admins have to be careful of the nature of security they are deploying, misdirected policies are likely either raise too many false alarms or too little.
Identify your sensitivity areas, categorize possible threats based on your organizational structure. While it may not be very alarming to have some one from the HR to have a list of all your employees, the same list in the hands of someone from, say, the marketing department should be very alarming. Whereas an attempt to copy or email the same from anyone should automatically trigger an alarm.

Hence simpler the policies, the more effectively your system reacts, for example, address personal info of employees in one rule, another for customer credentials, yet another to deal with pricing archives.

Once you have your policies defined, its time to test them and make some fine adjustments as well to optimize your response. One of the biggest hurdles to an effective implementation of a DLP is improperly defined user groups. In a system that relies heavily on your classification of users on the basis of their priveliges, it’s important that you keep the directory structure as straight forward as possible.

And finally, one thing that we can’t emphasize enough on, is to test, test and retest your DLP configurations, these will truly let you gauge the capability of your DLP installation.

, , , , , ,


The Need for Data Leakage Prevention (DLP)

Many years ago, I remember watching a clip on TV about someone inventing a toilet that once locked, would not open unless it senses that someone has used the washbasin first. Interesting and to some extent sickening – just makes you wonder, was it invented as a precaution or a necessity?

There probably aren’t many people out their, who have to be forced to wash their hands after the toilet but considering the stakes – the precaution was worth it.

Putting this in corporate information security perspective, most of our rules have less to do with legislation and more with common sense. Moreover a policy that isn’t implemented tends to remain more of an advice – which tends to be generally disregarded.

Data Loss Prevention (DLP) is a preventative technology, if you’d call it that, I consider it more of an amalgamation of existing little utilities packaged into an integrated software allowing centralized policy control and more importantly policy enforcing.

If you’re fed up being the Dutch uncle on information security issues that is once something appalling has occurred (people usually start seeking an advice once they’ve done the irrevocable). Maybe it’s now time for less advising and more enforcing of things, maybe its time for Data Loss Prevention (DLP).

, , , ,


Copyright © Rewterz. All rights reserved.