PortAuthority Technologies aims to plug information leaks

* PortAuthority Technologies delivers information leak prevention

When it comes to information security, do you feel like the little Dutch boy who tried to plug the leak in the dike with his finger? As one leak stopped, another began, and every tiny breach in the protective dike put the whole community at risk.

So it is with your organization’s information assets. The only way to secure everything is to layer on different kinds of protection. You probably already have the firewall layer, the intrusion detection layer, the antimalware layer, and so on. Have you given thought to the information leak prevention (ILP) layer? An ILP system is designed to protect information from the inside out and stop sensitive data before it is accidentally or maliciously sent to unauthorized recipients.

According to the Computing Technology Industry Association (CompTIA), the majority of data breaches are attributed to employees. CompTIA estimates that as many as 60% of the breaches in 2005 were purposely or inadvertently caused by employees.

When you think about it, your organization has information in all forms, including databases, spreadsheets, documents, archives, drawings, and so on. And it's stored in all sorts of places, like on users’ hard drives, in network-based content management systems, on mobile devices, etc. Finally, the data is accessed and transmitted using numerous channels, including e-mail, instant messaging, FTP servers, CDs, printers, and the elusive key fobs. That makes for a pretty complicated scenario in trying to prevent this information from going out the door improperly.

PortAuthority Technologies delivers ILP through a line of purpose-built appliances. These appliances use the typical kinds of content screening methodologies that you would expect: identifying the file type; searching on key words and phrases, such as “confidential”; looking at patterns or expressions, such as “xxx-xx-xxxx” for social security numbers; or setting threshold counters, and others.

In addition, PortAuthority has a patent-pending technology called PreciseID that makes the appliances quite accurate in their ability to screen data properly. The PreciseID technology reduces information to its most basic level - more basic than the “container” or metadata of a file or document. PortAuthority likens it to finger-printing your information.

PreciseID generates a mathematical representation of a group of characters, words, sentences or data fields of a document, message or database, and precisely identifies the sensitive data and its metadata. Content filtering software then uses your company-defined policies to determine what can and can’t be done with the data. For instance, you can prevent it from being printed by specific people or groups, or from being copied to a thumb drive if such an action violates a policy governing that data. Content can be screened as it moves through your network or as it sits at rest on PCs and servers.

The finger-printing technology of PreciseID, combined with the other content screening methodologies I mentioned above, result in PortAuthority’s solutions offering a very low false positive rate. More importantly, the appliances have a very low false negative rate, ensuring that information leaks are actually prevented and not simply detected after the fact.

Anyone who is intent on taking your data and moving it outside the company will meet his match with the PreciseID technology. According to PortAuthority Technologies, the fingerprinting technique can prevent the following types of breaches:

* Format Manipulation - Protection for alteration of original format. (e.g., font, font size, spacing, order of text etc.)

* File Type Manipulation - Protection for data "saved as" a different file name/format.

* Copy and Paste - Protection for data copied from a protected document into another document, e-mail, file or Web form.

* Data Flooding - Protection for data taken from an original source and inserted into a much larger file in an attempt to disguise an information leak.

* Structure Manipulation - Protection for structured data being copied into unstructured documents or vice versa.

* Embedded Files - Protection for specific files embedded into another file format.

* Hidden Text and Hidden Columns - Protection for data hidden within a document. For example, adding a picture to cover text.

A PortAuthority appliance can be deployed in a few hours. It can integrate with your Active Directory database to help you determine authorized users and enforce security policies. Before a full implementation, you can use the appliance to do passive monitoring to determine just how big a problem you have with information leaks.

So as you build your layers of security around your information assets, don’t forget to layer on information leak prevention. It's transparent to the end users and might save your company from a costly or embarrassing release of your data outside the company.

Related:

Copyright © 2006 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022