Skip Links

Network World

  • Social Web 
  • Email 
  • Close

New ways to protect data from insider attacks

The toughest security problem is the insider attack. These emerging tools promise to eliminate the threat
By Beth Schultz , Network World , 03/19/2007

A disgruntled employee here, a careless one there, and just about any enterprise can find itself facing a mountain of trouble from confidential information made public. Help is at hand. Armed with increasingly sophisticated outbound-content monitors, information security officers finally have the weapons they need to conquer the threat of data leakage.


Does the IT staff represent a bigger security threat than business unit employees? Read the story, place a vote and share your opinion.


Outbound-content monitoring - also known as data- or information-leakage prevention - came of age in the past year. The devices "have reached a state where they can be a fundamental part of everyone's network," says Josh Levine, managing director at Kita Capital Management, former CTO at E*Trade Financial and board member for device start-up Securify.

Scott Mackelprang, vice president of security and compliance for Digital Insight, an online banking services company in Calabasas, Calif. (now part of Intuit), agrees. And he's no pushover. "When I first saw technologies that were filtering at the perimeter to catch things on the wire, I was pretty skeptical, and I left them alone," he says. "For the longest time, I just watched the technology."

Then he discovered Tablus' Content Sentinel, which can find sensitive data even when the data is not moving but resting in odd and unexpected places, such as crummy old laptops and beat-up computers. He uses Content Sentinel plus Tablus Alert to look for sensitive data on desktops and as it moves across the network. Securing the network from the data's origination point - rather than from the firewall - is evolutionary, he says.

Maturing technology

Early outbound-content monitors typically focused on finding sensitive data from a single data source - for example, e-mail - as it was trying to cross the perimeter. But today's versions can scan just about any type of datastream, including Web traffic, e-mail, FTP, electronic faxes and instant messages. Some monitors also detect stored sensitive data squirreled away in Word documents, spreadsheets, PowerPoints - just about anywhere. In addition, they're much more linguistically sophisticated than earlier products, says Trent Henry, a senior Burton Group analyst.

Comments (3)
Login
Forgot your account info?

French smenchBy meatpieandtatters on July 24, 2007, 9:33 amThe majority of the Internet, and especially the offensive stuff, is in English. Anybody can effectively manage and secure their network with a combination of monitoring,...

Reply | Read entire comment

GTB Inspector is the answer!By GTB Marketing on March 20, 2007, 11:32 pmGTB Inspector is capable of multi-protocol outbound content monitoring with real time enforcement and without need for rights management software.

Reply | Read entire comment

Defeating data-protection software with other languagesBy Anonymous on March 20, 2007, 7:35 pmWhat about languages other than English? I speak fluent French. I'd take the confidential document, use Babblefish to make a rough translation, correct any transaction...

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to moderator approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Save The Date!
What They Are Saying

I also lost internet access, and resorted to "uninstall KB951748 & KB951978". Access returned. Tried...- Anonymous

Join the Discussion