IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
Story image
#
DLP
#
Retailers
#
RSA Security

Fixing leaks

Mon, 1st Jun 2009
FYI, this story is more than a year old
By Staff Writer

Why do government departments and public sector corporates need data loss prevention software? RSA explains.According to the Privacy Commissioner, government departments leak information like sieves, which poses the question: how safe is your business’s data?In early May the Privacy Commission reported that the personal details of New Zealanders were at risk because government policies on the use of portable storage devices (PSDs) were poor. The Commission surveyed 42 major government departments and reported that PSDs, such as USB sticks, were widely used but that there were lapses in security procedures and practices around their usage. Data loss is not something most managers devote a lot of time to. But with tough times leading to new layoffs, businesses have a myriad of challenges, and departing staff members leaving with USB sticks full of sensitive data is one of them. However, there are other areas where information could be compromised: taking information to meetings, temporary backups, transferring information between departments or organisations – all these activities present a data loss risk. To give you an example, a survey carried out by a UK security firm found an estimated 9000 USB sticks were left in people’s pockets when they took their clothes to the dry-cleaners. Security software is not new, but typically security solutions have addressed specific issues such as malware and spam. Perhaps unintentionally, these types of solutions have also increased organisational complexity, and when there are real gaps and no set policies in place, it creates a huge risk. Data Loss Prevention (DLP) is a new technology that has been specifically developed to prevent this. It differs from other security software because it involves an enterprise-wide approach to data leaks, not just specific security threats. It works across three levels: data at rest, network traffic and data at use in Windows endpoints. The steps listed below are the correct measures to take for data loss prevention.Data at Rest The three steps to follow are discover, analyse and remediate.Your DLP solution should be designed to locate data across the entire environment. It must be able to look for data in all the places data lives in, such as file shares, servers and data stores, laptops, desktops, SharePoints, content management systems and in structured data stores. Once the data has been found, an organisation analyses it and decides whether it should be allowed to remain there. If not, a whole host of remediation options can occur, such as moving, deleting and quarantining. For example, if a scan discovers that endpoint users have sensitive files in their trash bins, DLP can notify the users to empty their trash. If re-scans continue to show that action has not been taken, it can fire off a script to empty the bins for them. Data in MotionThe three steps to follow are monitor, analyse and enforce.Unauthorised transmissions of data, whether they’re accidental or malicious, have to be monitored and blocked to prevent data loss and to protect the business. On the network side, DLP provides the ability to monitor and enforce across platforms such as corporate email systems, web-based email, instant messaging offerings and web-based protocols. The software not only identifies sensitive information through the analysis of the data inherent in a transmission, but also prevents the loss of sensitive data by blocking or encrypting such transmissions if they violate a defined security policy. Data in UseThe three steps to follow are monitor, analyse and enforce.Statistics show that more than half of sensitive data loss is from endpoints. To further complicate the situation, the type and amount of sensitive data on these endpoints changes dynamically every day and organisations have no established process to track and protect it. The DLP solution on the endpoint not only discovers sensitive information through the analysis of the content of a file; it can also monitor actions such as print or copy on an end user’s computer, and blocks or logs any such actions that violate a security policy. This results in proactively preventing the loss of sensitive data before it happens.Users often use USB devices to move data off and on to laptops. The DLP solution can prevent this altogether, or stipulate that you can only use a company-certified device. There are many security pitfalls facing enterprises today, but it’s fortunate that data loss can be prevented by implementing 21st century technology solutions.   

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Proofpoint unveils new data protection framework for organisations
Middlebank forms strategic alliance with Freterium in TMS deal
Dreame Technology enters New Zealand market with X40 Ultra
Trustifi launches automated data loss prevention tool for MSPs
How can retailers take control of their cash flow as peak season approaches?
Top stories
Sectigo launches pkimetal to streamline certificate linting
OVHcloud launches global Managed Rancher Service for multi-cloud
NZ cyber security agency joins global effort against PRC botnet
Selling ransomware breaches: Four trends spotted on the RAMP forum
MathWorks launches new support package for Qualcomm Hexagon NPU