Checkpoint performed some research that shows when most people leave a company, they take some amount of company data with them.
This seems to be fairly intuitive. I am sure that a number of people will forward contacts that they want to stay in touch with or maybe examples of their work for their next position. And I suppose, some would take data for malicious intent as well.
But as one that has been tasked with insuring the integrity of the data within your organization is kept intact, how do you insure people leaving your company leave the sensitive data behind?
Well, quite honestly, that's not an easy task. Without some form of certificate-based access that allows for centralized access and permissions to documents, there are few ways to expire that information once it leaves the confines of your network.
There are a few software packages that can allow you to wipe a document after a certain period of time and then there are also the programs that require the documents to connect to a centralized location to insure the person attempting access is allowed. But no organizations that I am familiar with are deploying anything like this on a grand scale.
The problem always starts at identifying the data that needs protected. This must be the first step in the road to securing sensitive data. If you do not know what to protect, then you are wasting cycles on data that might not need protecting and possibly missing the data that does need securing.
Once you feel comfortable with what you know and don't know, then you can proceed to defining access roles and implementing control mechanisms.
This is where things tie back into where I began.
This study by Checkpoint was performed to sell Pointsec's Device Protector which allows organizations to define which USB devices are allowed to connect to corporate assets and how data is allowed to be transferred between the two.
This is important because users have always taken data with them when they've left their company.
What may have been just some notepad with a few bits of information jotted down on them thirty years ago can now be a million files on an eight gigabyte hard drive in someone's pocket.
The potential for problems dwarfs the past possibilities. (that's an alliteration, folks)
WinMagic, Utimaco, and Guardian Edge, to name a few, are also manufacturing similar products to Device Protector to help organizations reign in USB access.
All of these manufacturers know that there is a need for their products and that it's only a matter of time before every organization comes to that same conclusion.
Michael Mongold
Comments