Organizations struggle with data leakage prevention, rights management

By Eric Ogren
26 May 2009 | SearchSecurity.com


While it is important to have technology that can automatically block violations of acceptable use policies, it is more important to have end users who know their responsibilities and application developers who integrate data security. That's where audit, discovery and reporting features come into play when evaluating data protection products such as data leakage prevention, endpoint device control and rights management systems.

The market trend is to consolidate management of DLP, RMS and device control features, with data security elements becoming embedded in application environments. Data leakage prevention recognizes sensitive data through content inspection on a network appliance and in endpoint software. Rights management attempts to restrict end-user actions such as printing and copy/paste, where the data could step outside of IT control, and device control aims to prevent confidential data from walking out the door on removable media, including USB devices.

But social behavior, or poor judgment by people, easily defeats each of these technologies. To make them more effective, the entire IT organization must be involved. Informal discussions with IT show 50-75% of the value of data protection software is in allowing IT to collaborate more effectively with end users on security education and to consult with application owners on integrating specific corporate security policies into applications to reduce business risk. The dynamic nature of business makes administration of data security too unwieldy if applied on a rigid granular basis and less effective when policy rules are broadly applied across corporate users, data and actions.

  • Audit user handling of sensitive data. A huge benefit of device control, DLP and RMS systems is the auditing of endpoint data handling activity and notification of policy exceptions. Security can then use an enterprise risk management capability, such as from Liquid Machines, to tune corporate policies to make it easy for end users to comply and application services to effectively protect confidential data from the source.

  • Discover sources of sensitive data. The content inspection functionality of a DLP appliance in the network can help IT detect new sources of structured and unstructured confidential data. Users of Code Green software use data security event notifications to call end users and remind them that emailing sensitive data is an irresponsible business practice and point them to safer ways to do their work. Effective security teams use DLP to coach the user community on the best ways to handle sensitive data.

  • Prevent abuses of enterprise risk management policies. IT has to be judicious when automatically blocking actions that are not compliant with data handling policies as there frequently are valid business exceptions. A Lumension customer applies endpoint device control to restrict the copying of data to and from USB devices in office desktops, for instance.

Look for consolidation, redundancy and overlap of features in data handling security products as organizations prioritize their enterprise risk management programs around policy management. Eventually, data protection and strong auditing features will be integrated into infrastructure products such as Oracle databases, SharePoint document sharing systems, and BlackBerry communication gateways. But for most customers, people will remain their greatest asset, which is why the momentum on auditing and discovery will continue to outpace prevention.


Eric Ogren is founder and principal analyst of the Ogren Group, which provides industry analyst services for vendors focusing on virtualization and security. Prior to founding the Ogren Group, Eric served as a security industry analyst for the Yankee Group and ESG. Ogren has also served as vice president of marketing at security startups Okena, Sequation and Tizor. He can be reached by sending an email to eric@ogrengroup.com.
