Q

Do information leak prevention products protect critical data?

Can one product really protect your enterprise from an information leak? In this expert Q&A, Mike Chapple examines the content protection market and warns users to keep realistic expectations.

How do information leak protection products use the network, and are they effective in protecting critical data?
Protecting organizations against an information leak is quite a challenge, and the technology to assist with this herculean task is relatively immature. However, there are several products on the market today that can help achieve this difficult goal.

The mechanisms used by content protection systems vary from one product to another. Most are based upon pattern

matching or signature detection. The former requires administrators to provide patterns (e.g. regular expressions) that describe sensitive data. This technique is especially useful when you're attempting to detect outbound flows of Social Security numbers and/or credit card information. For example, you might use the regular expression "d{3}-d{2}-d{4}" to match a standard U.S. SSN consisting of ten digits hyphenated in the form xxx-xx-xxxx. Signature detection systems typically require administrators to "register" sensitive content with the protection system. Administrators can do so by uploading individual files, scanning a file share or integrating with a document management system.

When using a content protection system, it is important to have realistic expectations. These systems tend to require a great deal of administrative attention to install, configure/tune and operate. If you expect a "plug and play" product, you'll likely be disappointed.

More information:

  • Learn how Google Notebook can expose an enterprise's confidential information.
  • When building a database application, sensitive data is often made available unintentionally. In this tip, Michael Cobb explains how the information is leaked.
  • This was first published in March 2007

    Dig deeper on Identity Theft and Data Security Breaches

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close