Can you ever be wholly leakproof from data loss?
- Article 21 of 33
- SC Magazine, April 2010
Data leakage prevention (DLP) is beginning to appeal to many, but even the best products need careful deployment, says Rob Buckley.
Page 1 | Page 2 | Page 3 | Page 4 | All 4 Pages
USB devices aren't the only way data could leave the force, so it also uses other DLP technologies. At the gateway, M86's MailMarshal is used to scan email and web content for breaches, put a cap on the maximum size of email attachments and to prevent uploads of data via the web.
Staff have more or less accepted the controls as necessary: “Every now and then we offer a seminar to explain it.” But Brailsford-Hart says the force is having to look at ever-more sophisticated DLP policies to deal with increasing computerisation. “Some officers want greater access to social networking sites so they can use them for investigations,” he says. That will mean not just changes at the gateway, but also additional education on how to use social networking safely.
So far, the force hasn't had a data breach. But, says Brailsford-Hart, the headlines other firms have garnered from their breaches have paradoxically been helpful. “It has been very useful in getting the attention of senior management, getting a little investment and raising our profile,” he says.
How real is the insider threat?
Are employees just there to help – or are they the company's biggest threat? The spectre of the malicious employee, using insider knowledge, is a threat that many organisations assumed would grow larger thanks to the recession.
Opinion varies as to how real that threat actually is. The 2006 e-Crime Watch Survey conducted by the US Secret Service and SEI CERT for CSO Magazine found that in cases where respondents could identify the perpetrator of an electronic crime, 32 per cent were committed by insiders. A survey last November by Actimize of 70 financial institutions worldwide found that 82 per cent believed the threat of employee fraud was growing and 78 per cent saw the employee fraud problem increasing due to the slower economy. Other surveys go as far as 98 per cent of crimes having an ‘insider connection'.
IDC research last year painted a slightly different picture. Of 400 organisations surveyed, 52 per cent characterised their insider threat incidents as accidental. Only 19 per cent believed the threats were deliberate, while 26 per cent believed they were an equal combination, with three per cent unsure.
“I don't think it's hyped up. It does happen,” says Martin Blackhurst, head of IT security at Redstone Managed Solutions. “I've seen employees take customer data with them. Salespeople are doing it, because of the type of people they are. It is a very real threat.”
“Malicious employees are always a threat,” says Caroline Ikomi, technical director for Check Point. “People have been stealing off companies for donkey's years.” However she puts the risk considerably lower, somewhere less than ten per cent, arguing that while insiders can be a threat, usually the damage they may cause is accidental rather than deliberate.
Page 1 | Page 2 | Page 3 | Page 4 | All 4 Pages