A layered approach to data leak prevention

My company is increasingly deploying SSL applications and that traffic already represents 40 percent of my network capacity. With this encrypted traffic on the rise, how can I build an effective protection against the loss of sensitive data?

My company is increasingly deploying SSL applications and that traffic already represents 40 percent of my network capacity. With this encrypted traffic on the rise, how can I build an effective protection against the loss of sensitive data?

Many enterprises are currently facing a similar problem as SSL-encrypted applications become more prevalent. In 2007, Enterprise Strategy Group estimated that SSL-encrypted application deployments had increased by 50 to 55 percent.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

My company is increasingly deploying SSL applications and that traffic already represents 40 percent of my network capacity. With this encrypted traffic on the rise, how can I build an effective protection against the loss of sensitive data?

My company is increasingly deploying SSL applications and that traffic already represents 40 percent of my network capacity. With this encrypted traffic on the rise, how can I build an effective protection against the loss of sensitive data?

Many enterprises are currently facing a similar problem as SSL-encrypted applications become more prevalent. In 2007, Enterprise Strategy Group estimated that SSL-encrypted application deployments had increased by 50 to 55 percent.

In response to this new application profile, organizations need a layered data leak protection (DLP) strategy that can monitor not just email and IM traffic but also the encrypted traffic that is increasingly finding its way onto the corporate network. With an integrated data leak prevention and secure web gateway solution, enterprises can both monitor network activity and data usage and prevent users from transmitting or copying data in violation of company policies.

So, what does each solution bring to the table? A secure Web gateway can include Web request and content filtering, prevention of malware and other malicious mobile code, content and certificates validation, encrypted SSL traffic inspection and control over IM, P2P and streaming traffic. Data leak protection solutions monitor networks and user endpoints to identify and protect confidential data from distribution.

Essentially, the secure Web gateway terminates and decrypts SSL connections, passing the decrypted content to the DLP solution for monitoring. By making encrypted traffic visible to DLP solutions, a secure Web gateway broadens the coverage of DLP security to all encrypted and unencrypted traffic, ensuring that valuable data assets never leave the WAN surreptitiously. Without the visibility into SSL-encrypted traffic, the enterprise leaves a back door unmonitored and exposes itself to potential losses from data leaks.

A secure Web gateway not only provides visibility into an increasingly larger portion of traffic on the corporate network, but it also enables enterprises to apply security and control measures to SSL-encrypted traffic. This is particularly important in industries such as health care and financial services that have stringent data protection regulations with which they must comply and also heavily rely on SSL-encrypted applications.

Additionally, the secure Web gateway serves as a DLP enforcement point. Using a wide range of attributes such as user, application, location, destination, content and others, organizations can set and enforce access privileges to align security policies with corporate priorities.

This integrated, layered approach to preventing the leak of sensitive data provides protection for data in motion (on the networks), at rest (on servers and at endpoints) and in use (at endpoints and media).

Clare is director of product marketing at Blue Coat Systems. See past Insider Threat columns.

Read more about security in Network World's Security section.