Six ways to prevent data leakage

A data breach in DuPont recently offers a timely lesson about the risk of data loss that can come from within the enterprise or organization itself. The culprit of this sabotage is Gary Min, a company employee, who steals the total data equivalent to $ 400 million. He downloaded and accessed more than 15 times, copying the largest amount of data possible each time. Previously, Gary was considered one of the most active members of the system in the company. The case was only discovered and Gary was only arrested (December 2006) after resigning his job and switching to a rival firm.

Min was accused of stealing DuPont data and will be tried on March 29. His case is just one of the most typical cases taking advantage of loopholes in corporate internal control to profit. Last February, a mobile developer at battery manufacturer Duracell confessed to stealing research data related to the company's AA batteries. He sent the information to the computer at home and then sent it to two Duracell competitors.

Dealing with the risk of internal growth is not a small challenge, especially for large companies or multinational corporations.

' I'm not surprised at the incident at DuPont ', Bowers - currently managing director at Security Constructs LLC, a Pa-based consulting firm Fleetwood said. ' When you have such a huge multinational data source, the security department certainly cannot guarantee a hundred percent absolute safety level. They can't even control how they're floating and why they can leak out . '

No method is perfect, but some of the following methods help you mitigate the risk, minimize it and keep track of the activities that take place within the firewall.

Experts give advice with the following steps :

1. Must control data

Surely you cannot control sensitive information or copyright information on the network if even their location is where you do not know.

Sensitive data of an organization is often widely distributed through the intranet. Important data is often not only in the database (database) but also in e-mail, personal computers and sometimes acts as a data object type in the Web portal. Sensitive information also has many different types, such as credit card numbers, social security codes (CMT, student ID .). Trade secrets can be found in many types of files, different text types according to customer contact information, contracts, product development specifications.

Implementing control rules for all types of data is often not effective and impractical. Instead, classify each data layer and select the most appropriate control rules for each category. You can also use some automated network review tools and locate sensitive data. Many vendors offer these types of tools such as Reconnex, Tablus, Websense. The number of products of the companies is increasingly rich. Many of them can separate data into many different types, based on company-defined rules.

2. Mobile content monitoring

When companies use the Website in business transactions and link to many networks belonging to partners, suppliers or customers, the vital issue is to keep track of what's going on, floating through network. Content monitoring is the core 'base' in many companies' data protection strategies. With so many network 'outgoing points' for data, the most important thing is to monitor network traffic.

All manufacturers such as Vericept Corp., Vontu Inc., Oakley Networks Inc., Reconnex and Websense offer a range of products that check, review e-mail and instant messaging (Instant Messaging). , peer-to-peer file sharing system, Web post process, and FTP sites to detect and search for data infringement or breach of rules set in the company. These tools are located near the network gateway and are designed to give a warning when suspicious packets are detected. Many products can be used to enforce operations such as data removal or encryption when data is transmitted.

For example, one of them is content filtering tools, allowing you to see what is coming or going online. As Bowers of leading company Wyeth commented: ' We monitor all ports and all content delivery protocols ' when the company implemented content filtering tools.

3. Keep an eye on the database that contains valuable company information

Don't stop at knowing who is accessing the database. You also need to know when, where, how and why they make this access. Many support tools are built, allowing companies to monitor access or activities on the database. You can use Imperva Inc. products, Guardium Inc., Application Security Inc. and Lumigent Technologies Inc. They are designed to help you know which users or administrators are working on the database with the privilege of accessing, or editing, copying, deleting, downloading large amounts of files, or offering Warn when someone tries to perform one of the above activities. These products also provide a fairly obvious audit trail to track when someone violates the rules of the business.

Encrypting sensitive data in databases is another method worth considering.

4. Limit user privileges

Most companies offer more privileges to users than necessary. That's what Amichai Shulman, Imperva's chief technology officer, said. Monitoring access to extremely important data of users and monitoring unspecified access to high-risk data are indispensable steps.

Create access rules to restrict users' network privileges strictly. Only allow access to the corresponding data layer needed for the work of each type of user, and also set up controls to force employees in the company to comply with the internal rules built. For example, giving a warning when someone normally only works with 10 files per day, suddenly starts accessing numbers in larger numbers.

Making access control decisions for internal and external members is quite simple, says Matt Kesner, chief technology officer of Fenwick & West LLC, a law firm based in California. But sometimes outsiders need legal access to business data in equal or even greater numbers than the needs of internal employees. For example, Fenwick & West's Extranet client networks are being used frequently by customers who cooperate with its authorized employees. Sometimes, external users are much more interested in enterprise data than internal insiders.

5. Pay attention to the end points

The rapid development of the market of mobile devices such as laptops, other laptops, USB memory sticks or iPod music players has increasingly facilitated internal malicious users to steal data. easier. Companies need to develop centralized monitoring and control activities. In particular, the device must be attached to the network and enterprise system, specifying which data is downloaded, uploaded or stored where. Doing these tasks is a challenge. But you don't need to worry, because some products from companies like Code Green Networks Inc., ControlGuard Inc. and SecureWave SA will make it easier for you to conduct the desired activities.

' In the past, very few companies put effective controls in the right places to allow them to monitor their internal systems closely and keep track of data movement or transmission ,' Alex Bakman - CEO of Ecora Software Corp affirmed. That means that vandalism has taken place 'without a trumpet not empty' for a long time.

6. Centralize intellectual property data

For a large company, it is impossible to protect intellectual property scattered across multiple systems. Therefore, storing this data in a centralized resource library system can be safe and convenient in security as well as information sharing at any time.

' Normally, people put all the eggs in one basket, ' says Ira Winkler, a freelance security consultant and computerworld.com columnist. ' But in this case, it is easier to protect a system than to protect its numerous scattered subsystems .'