DLP – A Real Solution for the Public Sector

Published: November 24 2009, 03:53 PM
by David Miller

The Ponemon Institute recently conducted and published a study of 10 security trends and how IT leaders in the U.S. Federal government view them. (The study was commissioned by CA and you can access the report here.) Data Loss Prevention (DLP) solutions are relevant to much of what's revealed in the report.

The report discloses that 79% of the respondents believe that unstructured data increases security risk.   I've previously blogged about DLP's ability to protect unstructured data by leveraging flexible detection techniques.  This is a crucial aspect of an effective DLP solution, especially for the public sector where different levels of confidentiality need to be distinguished from one another.

Regarding actual data breaches, the study suggests that most of these are due to insider negligence rather than malicious behavior (see p.8). Addressing insider negligence is one of the primary uses for DLP. DLP can prevent a wide range of inadvertent activity, such as the delivery of an email to an unintended recipient, or the disclosure of a sensitive file via a file sharing program, which it prevents by removing the file from the local drive before the leak occurs.

Outsourcing and the use of social networking or Web 2.0 tools are also important issues that were rated highly in the study. The use of outsourcing generally indicates a need for DLP technology, as it can ensure that data sent to external resources is adequately protected while also validating the intended recipients. And, whether DLP is active at the endpoint (laptop/workstation) or the network boundary, social networking messages and posts (such as to a blog or a "wall") can be analyzed in order to block inappropriate data from leaving the enterprise.

The Ponemon study reveals that respondents believe that USB drives are the top mobile device-related risk to security. DLP plays a critical role by analyzing content to determine whether data is allowed to be saved to a device. DLP can also control this activity based on the device itself (first ensuring that the device is authorized for use) and based on the identity of the user. For example, personnel with a Level III security clearance may be permitted to move a file with Level I clearance to a registered USB key. However, DLP will block attempts by personnel with lower clearance levels. This combination of content and identity awareness is a required capability for any DLP solution.

Many large financial services, healthcare, and government contractor firms use DLP to protect highly confidential, unstructured data. Public sector agencies of all sizes should also leverage DLP to enforce data usage protocols and to protect confidential information from loss, misuse, and mistakes.

By: David Miller
David Miller leverages over 15 years of experience in product management and marketing for compliance, security, and CRM enterprise software solutions to understand customer needs and promote security awareness. For CA, David manages the product marketing efforts for the CA DLP (Data Loss Prevention...