Though data-loss prevention gear is proving a boon for corporate security, its "see all, know all" style of content monitoring can cast a harsh glare on business practices and legal issues that end up putting information-technology staff on the spot.
DLP content-monitoring equipment often gets rave reviews from security managers deploying it because it can give them a view they never had before into their organization's daily business communications. It may present the big picture, zeroing in on where sensitive data slipped out and who did the deed. But chief security officers with months of DLP experience caution all this newfound knowledge can be disruptive, spotlighting internal data-management practices that incite concern about possible regulatory violations.
"You move from ignorance to compliance jeopardy," acknowledged Tony Spinelli, senior vice president of information security at credit information services firm Equifax, describing one impact that deploying DLP -- in this case, the Symantec Vontu equipment -- made at his firm. "A lot of regulations say when you know what's leaving your network, you have to disclose that."
Spinelli, who spoke on a panel at last month's RSA Conference on the topic, said in spite of the initial disruption caused by finding out about internal business data practices that had to be fixed, Equifax is now so accustomed to DLP content-monitoring that it's now considered just part of the security "hygiene," he said.
DLP also has played a role in bringing together the human resources, legal and security groups at Equifax to coordinate content-monitoring policy, he added.
Two other security managers who joined Spinelli at the RSA panel to discuss DLP also cited its disruptive influence.
"How do you look at your data, know your data and understand what you have? We never had tools to tell us what was happening and we relied on anecdotal evidence or audits to find out," said Patrick Lefemine, chief information security officer at Lincoln Financial Group, another Vontu user.
Lefemine acknowledged the initial piloted use of DLP "scared the hell" out of both management and IT staff, especially the time it spotted the CEO's salary, Social Security Number and home address being inadvertently transmitted. "That got us the funding for this project," he added.
Lefemine said one of the toughest realizations imparted by the hard wisdom of DLP was the need to stop the sharing of even a single unencrypted Social Security Number with business partners -- a demand pressed by Lincoln Financial Group's audit department after it discovered how powerful DLP was in monitoring content.
The third panel speaker, Rhonda MacLean, global information security officer at Barclays Bank, said use of the Vontu DLP highlighted the difficulty of conforming to the many cross-border data-flow regulations of Europe and elsewhere.
"The problem has gotten more complex," she said, noting Barclays Bank operates in 67 countries. "One incident could [set in motion] regulation dominoes." Though DLP can shed more light than you might like on corporate data practices, she commented, it does offer "a source for truth for data" so that needed changes can be made.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Vignette Announces 2008 Excellence Awards 2008-11-21 10:50:00+11
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 2008-11-20 17:34:00+11
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 2008-11-20 12:06:00+11
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 2008-11-20 12:04:00+11
AARNet Brings 4K Digital Cinema to Australia: First 4K HD Video Signal delivered into Australia by AARNet 2008-11-20 12:02:00+11
Security Inside Out
A security breach has the potential to impact your bottom line, damaging reputation, customer loyalty and profitability. Managing security risks in today's environment requires a framework that extends beyond traditional network perimeter measures to protect applications, middleware, and data infrastructures. Read on to discover how you can create an enterprise security framework to protect your business.
Buying Guides
Latest Products
Buying Guides
