Stories by Erik de la Iglesia

Data leakage prevention: Port dependence dangers

Data leakage prevention (DLP) refers to a class of detection and enforcement technologies aimed at securing internal information. The latter can be anything from compliance-related data (social security and credit card data) to intellectual property (IP). Enforcement capabilities extend from detection and alerting all the way to blocking, quarantining, or encrypting the outbound network traffic. Initial technology deployments focused on e-mail (an easily proxied protocol) but have recently begun to include HTTP, FTP, and various chat or IM services as well as encrypted transports such as SSL and SSH.