Is Information Protection Even Possible?
By Danny Lieberman, Security Expert and Founder of Software Associates
A few months ago I saw an article in ComputerWeekly that asked: Is data loss prevention possible?
“Data is out of control in the corporate world…I think… the only way that we can have influence on the likelihood of (data loss) occurring is through a couple of fundamental controls, namely 1. Reduce and limit access to data 2. Control the “copy-ability” of data…”
I think that a more relevant question is “Is information protection possible?”
The author correctly identifies that it’s easier to access data (and leak it) than to modify or delete data. However, the notion that data is out of control in the corporate world is an overreaction and does an injustice to most businesses.
Companies already manage access and control “copy-ability”. This is not new, nor is it effective against the threat of a major data loss event.
Organizations from SMEs up to the Global 2000 use Microsoft networks based on Active Directory, with planned (not always well executed) group policies and permissions management.
Controlling access and copy-ability in the service of business objectives is precisely the objective of these systems.
If you need finer-grained copy protection, there are dozens of endpoint security products, from Check Point, McAfee and Symantec to Controlguard.
If you need finer-grained rights management, there are products like Microsoft DRM and Oracle IRM. Personally, I don’t think that DRM is effective for enterprise information protection.
DRM changes the user experience and depends on user behavior, and it can be broken and/or bypassed. Because of these constraints, DRM systems are difficult to deploy on a large scale.
However, permissions and rights access management and, lately, removable device management have not prevented major data loss events like Heartland or Hannaford.
The reason for this is that once rights are granted, the user is trusted and can move the data anywhere he or she wants.
We need information protection, not copy protection; and in a way and at a cost that is a good fit for the business.
Information protection is possible by taking a value-based approach that integrates with the business operation.
Analyze your business requirements and threat scenarios, and only then consider data loss prevention solutions like enterprise information protection from Verdasys, agent DLP from McAfee or a gateway DLP solution from Fidelis Security.
* * *
Danny Lieberman is a serial technology innovator and leader, implementing ideas from brain to business. Danny has a graduate degree in solid state physics and has spent most of his adult life developing software. Since 2003, Danny has been doing data security consulting and data protection/information assurance projects using data loss prevention/extrusion prevention technology.
Software Associates provides enterprise information protection to clients in Europe and the Middle East. His latest venture is MedRep, a professional network for medical representatives and doctors. Feel free to text Danny at any time of day at: +972 54 447 1114 - he is always looking for interesting projects and ideas.
The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com