29-11-2012, 05:50 PM
data losses prevention
INTRODUCTION
In today’s digital economy, data enters and leaves cyberspace at record rates. A typical enterprise sends and receives millions of email messages and downloads, saves, and transfers thousands of files via various channels on a daily basis. Enterprises also hold sensitive data that customers, business partners, regulators, and shareholders expect them to protect. Unfortunately, companies constantly fall victim to massive data loss, and high-profile data leakages involving sensitive personal and corporate data continue to appear.
These data losses could substantially harm a company’s competitiveness and reputation and could also invite lawsuits or regulatory consequences for lax security. Therefore, organizations should take measures to understand the sensitive data they hold, how it’s controlled, and how to prevent it from being leaked or compromised.
Data Loss Prevention is one of the most hyped, and least understood, tools in the security arsenal. With at least a half dozen different names and even more technology approaches, it can be difficult to understand the ultimate value of the tools and which products best suit which environments. DLP is an adolescent technology that provides significant value for those organizations that need it, despite products that may not be as mature as in other areas of IT.
DATA LOSS PROBLEM
The issue of data loss encompasses everything from confidential information about one customer being exposed, to thousands of source code files for a company’s product being sent to a competitor. Whether deliberate or accidental, data loss occurs any time employees, consultants, or other insiders release sensitive data about customers, finances, intellectual property, or other confidential information (in violation of company policies and regulatory requirements).
According to the Open Security Foundation, which tracks publicly reported incidents, 714 cases of data loss were reported in 2008, affecting a total of more than 86 million records. Depending on the type of data loss experienced, an organization can suffer a variety of consequences, but in nearly all cases, it’s both a financial and reputation cost.
With all the avenues available to employees today to electronically expose sensitive data, the scope of the data loss problem is an order of magnitude greater than threat protection from outsiders.
Consider the extent of the effort required to cover all the loss vectors an organization has the potential to encounter:
• Data in motion – Any data that is moving through the network to the outside via the Internet
• Data at rest – Data that resides in file systems, databases and other storage methods
• Data at the endpoint – Data at the endpoints of the network (e.g. data on USB devices, external drives, MP3 players, laptops, and other highly-mobile devices).
To avoid getting broadsided by a data loss, companies must evaluate their specific vulnerabilities for each loss vector and respond appropriately.
It’s a mobile, connected world – and companies are paying the price for not monitoring and controlling electronic communications as they exit the safety of the company. While most organizations scan inbound email for unsolicited or dangerous content, most fail to check their outgoing email, IM and other Internet-based communications, essentially allowing the unauthorized or unintentional transfer of sensitive information outside of the organization.
Data breaches have been one of the biggest fears that organizations face today. Deloitte’s 2006 Global Security Survey reported that 49 percent of companies have experienced an internal security breach in the past year. Of those, 31 percent experienced a breach from a virus/worm incident, 28 percent through insider fraud and 18 percent by means of data leakage (19 percent experienced the breach through other means and 4 percent chose not to specify). It’s also significant that fully 96 percent of respondents reported that they are “concerned about employee misconduct involving their information systems.”
LEAKAGE, in which sensitive data is no longer under the organization’s control (in computer security parlance, this is a loss of confidentiality). This common form of data loss is often due to hacked customer databases, making its most common consequence identity theft. In the largest single attack of this type to date, hackers stole 130 million credit-card records from one of the US’s largest payment processors. Another involved 94 million customer records held at a major retailer.
DISAPPEARANCE or damage, in which a correct data copy is no longer available to the organization (corresponding to a compromise of integrity or availability). An example occurred in 2009, when a major cell phone service provider suffered widespread loss of customer data that was supposed to be housed by a third-party cloud-based storage service. In normal operation, the smart phone would automatically sync its data at power-off with the central server, which stores it for use when the phone is on again. For reasons that still aren’t fully known, a server crash at the storage service temporarily wiped out backups of memos, photos, and other data for more than a million smart phone customers.
Clearly, if the last accurate data copy is physically stolen, the organization faces both problems. Alternatively, it might not be immediately clear which of these situations pertains in some cases.
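The outgoing-email check that the report says most organizations skip can be sketched as follows, for the data-in-motion vector and the credit-card leakage case. This is an added example, not part of the original report; the function names, the domain names and the quarantine/allow verdict are assumptions chosen for illustration.

```python
import re
from email import message_from_string
from email.policy import default

# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum: rejects most random digit runs (order IDs, phone numbers)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)   # double every second digit from the right
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def find_card_numbers(text: str) -> list[str]:
    hits = []
    for m in CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            hits.append("*" * (len(digits) - 4) + digits[-4:])  # mask before logging
    return hits

def inspect_outbound(raw_message: str, internal_domain: str) -> dict:
    """Return a verdict for one outgoing message (data in motion)."""
    msg = message_from_string(raw_message, policy=default)
    recipients = [a.addr_spec for h in ("to", "cc") if msg[h] for a in msg[h].addresses]
    external = [r for r in recipients if not r.lower().endswith("@" + internal_domain)]
    texts = [str(msg.get("subject", ""))]
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            texts.append(part.get_content())
    hits = [h for t in texts for h in find_card_numbers(t)]
    action = "quarantine" if hits and external else "allow"
    return {"action": action, "external": external, "hits": hits}

# Constructed sample message; 4111 1111 1111 1111 is a well-known test card number.
SAMPLE = """From: alice@corp.example
To: bob@partner.example
Subject: customer refund

Card 4111 1111 1111 1111, order ref 1234567890123456.
"""

if __name__ == "__main__":
    print(inspect_outbound(SAMPLE, "corp.example"))
```

The Luhn step is what keeps the 16-digit order reference in the sample from being flagged, and only masked values are returned so the check does not itself copy card numbers into logs.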