Image Source: scroll
How will you describe “Company’s data leak”? The solution seems to be as simple as fast food; get a DLP or data loss prevention application from renowned companies like HP or Symantec. Is it all that simple? The problem is that employees could be silent thieves. After all, copying data has become a dream nowadays, like with the thumb drive via USB. You don’t have to struggle with bulky hard copies anymore. A tiny gadget may hold a library of information. And then you have emails and attachments that can use to dispatch sensitive information to the wrong persons.
A silent war of information
Image source: ZDNet
Like advertising wars bitterly fought between rivals in the business like smartphones, the information war or Company Data Leaks is genuine. Information costs money, all right, as we witness each day over the media. A few seconds of publicity for the chocolate brand, and the company pays a fortune. Just imagine how much people would pay in terms of patents? And designs concerning advanced products are researched 24/7.
A booming DLP market!
No wonder then that 19 mega-companies vie for top slots in the DLP market. People expected the demand to escalate by nearly $2 billion by 2019. We can imagine why. Company Data Leaks increase tenfold each year, and we can only work with estimates. Preventing unauthorized access is what keeps so many people busy. Much of the media work with views, but we treat the figures as very real. Nobody knows the whole truth.
Dedicated employees could win half the battle.
Background checks on staff may help ascertain the reliability, and signed agreements to maintain secrecy may bring confidence to the employer. If the team is delighted with the organization, perhaps fewer chances exist of data theft. Training is essential to make sure that workers understand the problem and know how to control the flow of information. Each computer may connect to twenty other computers, and the information travels between them all the time. A network monitoring system ensures the smooth passage of information. Hackers use the same technology to breach the fortress and steal data for various reasons like business, espionage, terror, and plain mischief.
The insider information leak appears to be miniature. According to Verizon’s report in 2012, it was only 4%. The daunting problem is that company executives possess a goldmine of information in the office, and they could easily copy it. A Bank of America leaked customer information to identity thieves, and the financial loss amounted to $10 million besides the PR issues. Hard to believe? No, it is all true.
Image source: saga net
The age-old antivirus software with firewall backing is continually people recommend to ensure safety. It forms a mighty wall that is not easy to breach. At least, the top companies promise such a shield. DLPs monitor the movement of data based on the company’s intellectual property profile. The software examines each bit of information that leaves at ports and protocols and responds appropriately. Thus, the information we can prevent from leaving beyond certain fixed thresholds.
Encryption and USB blocking appears to be sound strategies to preserve valuable information and prevent illegal access and tampering. Banks regularly use such encryption, and the system seems to be working fine. Considering the vast amounts of cash that change hands legally each day over internet banking, it appears that there is nothing to be quite alarmed about.
Web security gateway services as an alternative to DLPs do protect from evil websites and software. They scan files in all communication avenues for potential data loss, according to the language terms contained therein. If somebody is behaving irresponsibly, the software catches up and raises the alarm.
Not only information is all over the place in so many incarnations like DVDs, IM, smartphones and blogs, email, and thumb drives. But privacy is constantly being compromised by smartphones with cameras and video recording that reach the most sensitive zones. Nothing appears to be beyond their reach, not even in the trial rooms of companies. Besides, being allowed to bring your equipment to the workplace has potential hazards, too, as an open invitation to steal information. Happy were the days with the manual typewriter, phone, and fax alone.
Loss or Misuse
Accidental loss or misuse of information sometimes occurs when you send it to the wrong person by chance. The problem is often not what lies beyond the perimeter but what happens within. There exists plenty of opportunities inside to manipulate or steal since information is continually is sent. Anti-malware and encryption, besides other security controls, do play their essential roles. Three layers of defense is used that effectively keep things in place. Imagine the degree of security that credit card and social security numbers would require.
A file classification system would ensure that sensitive information does not pass through a protocol or gateway, raising the alarm if they do. Such a system one can also implement in social media where objectionable content or images get prevented access. Arrangements can be based on file size, and abnormally large files would raise doubts and halt the process. Could also supervise The unusual behavior of employees in this manner.
The case of the theft from the DuPont database over several months of $400 million is an eye-opener. The person had been accessing 15 times the number of files the others in the office had been working with. A Duracell employee sold information about batteries, first sending it home and later to a rival company. Getting a handle on the internal data is crucial but would require separate software for each information category. Avoid putting all the eggs in one basket.