Skip Links

Network World

  • Social Web 
  • Email 
  • Close

When the inside threat is from outsiders

Insider Threat By Faizel Lakhani , Network World , 04/21/2008
  • Share/Email
  • Comment
  • Print

With the economy being so shaky right now, my company has put a freeze on hiring and we are currently using temporary contractors to fill certain positions. It seems that outsiders are the new insiders. Any tips on best practices for making sure contractors have what they need, but can't take sensitive information out the door when the job is done?

Every organization faces the challenge of protecting against data loss, and with the use of contractors and trusted partners there is an increased urgency on protecting data. Organizations today must protect sensitive data by first identifying where this data is, then determining who can access it. Many organizations give open access to their networks to anyone needing connectivity. With this liberal approach comes the challenge of determining what sensitive data is openly accessible. The issue of determining what data exists where is compounded with the increased use of Web 2.0 applications such as Wikis and Microsoft's SharePoint that allow users to post and communicate information without restriction or control.

Data discovery or content inventorying is the first step organizations must take to determine what content exists where. Many business or security teams do not know what sensitive data exists on which servers or machines, making data protection a far off dream. Data-at-rest discovery tools can solve this problem by scanning the network to discover machines and then go on to crawl the content on these machines. The analysis of content is sophisticated in that pre-defined compliance templates can be used as well as hundreds of other content classifications.

From these crawls of data-at-rest, the organization has a taxonomy of content - its location and meta information. Armed with this, the organization can then take the necessary steps to control if this data should be openly accessed and by whom. Automated remediation options include copying the files to secure location, applying DRM policies to the content, or notifying the content owners - just to name a few options.

Once this information is identified it can also be registered to detect its movement outside of the company through the corporate firewall or from a PC using WiFi, USB or Bluetooth connections. Data-in-motion data loss prevention products analyze all content as it leaves an organization without any changes to the user machines that are sending it; hence this solution works well for machines that are not owned by the organization like those of contractors and business partners. Data-in-use endpoint agents provide similar functions for examination of content leaving the PC.

  • Share/Email
  • Comment
  • Print
Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.

Download the white paper.

Applications: taking back control

Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.

Learn more today.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed

Whitepapers

Windows Vista: Necessity and Opportunity

The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...

Vulnerability Management For Dummies

Download this concise book "Vulnerability Management for Dummies," to learn about the simple steps...

Security Considerations When Deploying Remote Access Solutions

Effective network security is most successful when you use a layered approach, with multiple...

Webcasts

Migrating to Windows Vista: Necessity and Opportunity

The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...

Turning information into a Competitive Advantage

Companies today are realizing that competitive advantage is harder to sustain when based solely on...

PoE Plus: Impact on the PoE Market

The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...

Special Reports

Unified Threat Management from CheckPoint

Discover why Unified Threat Management Firewalls are ready for the enterprise today. High...

The Evolution of Network Security

We have so many holes punched in our firewalls today that many industry insiders question the value...

The self-managed network

We aren't there yet, but advances in network and systems management tools are making it possible to...

Get instant email notification when white papers, webcasts, executive guides are added to our library. Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.
Network World,to go. Wherever you are. Breaking news delivered to your mobile device. Select the hottest topics in networking and start receiving Network World on your mobile device today.