Of course this is the case. Data leakage prevention tools are Leak, not theft, prevention. The problem from a compliance standpoint, is there is no dfference between an inadvertant and an intentional disclosure. You can stop the stupid, but you cannot stop the evil. The best think you can do to address the "evil" (by evil I mean those who are intent and determined to do something wrong)is have good data forensics, that way when it becomes apparent that data has been leaked (say IP to a competitor) is have tools in place to determine who, what, where and when, that way you can have evidence take action, be it a personnel action, or a leagal one, or both.
of course they don't stop intentional leak/theft
A very simple way to bypass them is to encrypt the data :)
I wrote about these tools here:
http://securetheworld.blogspot.com/2007/03/methods-for-network-based-devices.html
A snippet:
An approach that combines pattern matching for known and/or structured data and fingerprinting for unstructured data works well in detecting unintended accidental data leaks in information passing through a company's network. A report says that 60% of the leaks reported so far are of this nature. So it is a useful approach
Post new comment