
Organizations struggle with data leakage prevention, rights management

By Eric Ogren
26 May 2009 | SearchSecurity.co.UK



While it is important to have technology that can automatically block violations of acceptable use policies, it is more important to have end users that know their responsibilities and application developers that integrate data security. That's where audit, discovery and reporting features come into play when evaluating data protection products such as data leakage prevention, endpoint device control and rights management systems.

The market trend is to consolidate management of DLP, RMS and device control features, with data security elements becoming embedded in application environments. Data leakage prevention recognizes sensitive data during content inspection on a network appliance and in endpoint software. Rights management attempts to restrict end-user actions, such as printing and copy/paste, where the data could step outside of IT control. Device control aims to prevent confidential data from walking out the door on removable media, including USB devices.

But social behavior, or poor judgment by people, easily defeats each of these technologies. To make them more effective, the entire IT organization must be involved. Informal discussions with IT show 50-75% of the value of data protection software is in allowing IT to collaborate more effectively with end users on security education and to consult with application owners on integrating specific corporate security policies into applications to reduce business risk. The dynamic nature of business makes administration of data security too unwieldy if applied on a rigid granular basis and less effective when policy rules are broadly applied across corporate users, data and actions.

  • Audit user handling of sensitive data. A huge benefit of device control, DLP and RMS systems is the auditing of endpoint data handling activity and notification of policy exceptions. Security can then use an enterprise risk management capability, such as from Liquid Machines, to tune corporate policies to make it easy for end users to comply and application services to effectively protect confidential data from the source.

  • Discover sources of sensitive data. The content inspection functionality of a DLP appliance in the network can help IT detect new sources of structured and unstructured confidential data. Users of Code Green software use data security event notifications to call end users and remind them that emailing sensitive data is an irresponsible business practice and point them to safer ways to do their work. Effective security teams use DLP to coach the user community on the best ways to handle sensitive data.

  • Prevent abuses of enterprise risk management policies. IT has to be judicious when automatically blocking actions that are not compliant with data handling policies as there frequently are valid business exceptions. A Lumension customer applies endpoint device control to restrict the copying of data to and from USB devices in office desktops, for instance.

Look for consolidation, redundancy and overlap of features in data handling security products as organizations prioritize their enterprise risk management programs around policy management. Eventually, data protection and strong auditing features will be integrated into infrastructure products such as Oracle databases, SharePoint document sharing systems, and BlackBerry communication gateways. But for most customers, people will remain their greatest asset, which is why the momentum on auditing and discovery will continue to outpace prevention.


Eric Ogren is founder and principal analyst of the Ogren Group, which provides industry analyst services for vendors focusing on virtualization and security. Prior to founding the Ogren Group, Eric served as a security industry analyst for the Yankee Group and ESG. Ogren has also served as vice president of marketing at security startups Okena, Sequation and Tizor. He can be reached by sending an email to eric@ogrengroup.com.
