EXPERT RESPONSE
Protecting organizations against an information leak is quite a challenge, and the technology to assist with this herculean task is relatively immature. However, there are several products on the market today that can help achieve this difficult goal.
The mechanisms used by content protection systems vary from one product to another. Most are based upon pattern matching or signature detection. The former requires administrators to provide patterns (e.g. regular expressions) that describe sensitive data. This technique is especially useful when you're attempting to detect outbound flows of Social Security numbers and/or credit card information. For example, you might use the regular expression "d{3}-d{2}-d{4}" to match a standard U.S. SSN consisting of ten digits hyphenated in the form xxx-xx-xxxx. Signature detection systems typically require administrators to "register" sensitive content with the protection system. Administrators can do so by uploading individual files, scanning a file share or integrating with a document management system.
When using a content protection system, it is important to have realistic expectations. These systems tend to require a great deal of administrative attention to install, configure/tune and operate. If you expect a "plug and play" product, you'll likely be disappointed.
More information:
Learn how Google Notebook can expose an enterprise's confidential information.
When building a database application, sensitive data is often made available unintentionally. In this tip, Michael Cobb explains how the information is leaked.
|
