Wikileaks has been a prominent topic in the news as of late. The release of sensitive information has profound implications for government agencies and the private sector. It is obvious that the government agencies affected by the recent information leaks are wishing they had better control over this sensitive information. Recent reports speculate that the data sharing networks created post 9/11 made a security breach like this an inevitability. No doubt these cross-agency data sharing repositories were a contributing factor but hardly the only one.
What can one do to protect themselves against this? Data Loss Prevention solutions (or DLP) are a fast growing segment of the security market today. Such solutions can protect against the release of sensitive information. Certain keywords, flags or behaviors can trigger a well designed DLP system to block sensitive documents from leaving the secure corporate network. Try to email a PDF document containing state secrets to your personal Hotmail account and that email will be blocked. Less commonly deployed but just as important is control over end user workstations. How can you stop an employee with legitimate access to sensitive data from copying such data onto a local USB drive and taking it home? How can you prevent someone from accidentally publishing a document containing the company’s payroll information onto the corporate Intranet for all to see?
Control of sensitive data is a multi-faceted challenge that will continue to plague IT leaders for the foreseeable future. Mobility trends in the upcoming years will continue to create new risks for sensitive information. How do you stop an employee from bringing an iPhone into the office and simply taking pictures of sensitive documents? How do minimize the risk of data loss should an employee lose their company-issued Android tablet at the coffee shop.
New challenges will inevitably create new opportunity for innovative minds to come along and solve these security challenges. I’m betting that this product space will experience exciting growth and innovation in 2011/2012.
- Compliance & Security
- Hosting & Cloud
- Business Continuity