This article can also be found in the Premium Editorial Download "Information Security magazine: Security Readers' Choice Awards 2008."
Download it now to read this article plus other related content.
PLUGGING DATA LEAKS|
The increasing number of ways users can communicate or move data online makes controlling data leakage a key objective for most administrators. While information escaping the organization has always been a problem, the depth and breadth of the problem has changed dramatically. Data leakage can occur by accident or because of poor business processes, but increasingly, malware of some form or another is sending it out through the network.
Web security gateways can certainly help in this area by monitoring the types of files going through the network perimeter and scanning documents for phrases and terms that could potentially cause data leakage. Coordination of content policy across all communication channels is a lot more efficient when they're all passing through one box.
As part of the process of reducing data leaks, users need to be made aware of the risks of Web 2.0 in the same way most have been told of the dangers of email attachments from unknown sources. Web security gateways that capture traffic on all ports and protocols can produce an excellent evidence chain to help challenge risky user behavior. To do this, they need to provide clear and concise reports of consolidated data; an outstanding feature of Mi5's Web-gate are its reports. Another tool to stop data leakage, provided by Webgate
| and other Web security gateways, is identification and remote remediation of infected PCs.
One area that has always been a bit of a blind spot when it comes to data analysis is SSL traffic. SSL decryption requires that the SSL certificate is imported into the device so that it has the ability to decrypt and inspect SSL traffic. This obviously incurs heavy overhead. Most Web security gateways still require an SSL proxy engine to be added separately to handle SSL encrypted traffic.
The attraction of this approach is that it costs a lot less than trying to provide top-down security. But it requires a mature user base and may not fully address the data leakage problem. Web security gateways allow an organization to apply security policies to data on a network while still tackling the dangers of external threats. Out-bound traffic control is increasingly important, and for those who think deperimeterization is too bold, the Web security gateway has many benefits, particularly the convergence of security and systems management
Roundtable's Stump plans to roll out ScanSafe to the additional Dairy Queen stores the company plans to open in the coming months. The service is easy to manage over the Web, allowing him and his team to enable or disable URLs and types of Web sites, like social networking ones. Limited to little else than the company's domain, employees now have no choice but to comply with corporate policy. "We let them get weather and that's about it," Stump says.
This was first published in April 2008