Skip to main content

Security: Have you thought about data theft?

Greg passed me over this link and this has been the strongest case that I have been pushing for quite a while. I have spoken about it in my keynote in Belgium (in fact you can see the news coverage here, the organizer sent me over the scanned copy as this was not a digital paper).

Internal breaches and data theft should be your biggest concern in today's world. Yes, I talk about globalization, I've spoken and am a great believer in collaboration but I also understand the danger that comes with it. As mergers and acquisitions happen, as disgruntled employees leak information out to competitors, things can get very ugly.

In my interview we Greg, we also discussed about it briefly and you'll see the link to the video later today on my blog as a separate post.

"The technology works fine if you can establish the right policies to filter and identify potential problem areas, but that's a very hard thing to do," said Larry Ponemon, chairman of the Ponemon Institute, a security research firm. "The hope of DLP has always been prevention, and that smart companies would be able to use these tools to quarantine data before leaks, but the reality is that if you ratchet up the prevention too high, it creates a burden for organizations in trying to carry out normal transactions." So he expects most DLP-using companies to have low — or no — thresholds for what is blocked.

Where DLP can help today
Despite their criticisms of how difficult it is to understand the real-world flow of data and to use DLP tools to create enforcement policies that would work in a typical business environment, both ING's Gold and Broadcom's Venner do see a use for DLP technology today: as an analytics said.

"Right now we'd rather use the system to know someone did something after the fact, versus trying to block. It's amazing how different the real world is compared to what you believe it to be," Venner said.

So today, Broadcom is working to apply the DLP platform's business intelligence and data analytics tools to better understand where it can create and enforce controls, and what levels of data risk various business units are willing to stomach.

Read it all here.


Popular posts from this blog

DeepLearningTrucker Part 1

Avastu Blog is migrating to; 1st Jan 2009 live


I will send out emails personally to those who are using my link(s) on their sites.

Thanks much for your co-operation and hope you enjoy the new site and its cool new features :-)

Not like the site is unlive or something..on the contrary, its beginning to get a lot of attention already. Well most of the work is done, you don't have to worry about anything though:

What won't change

Links/Referrals: I will be redirecting the links (all links which you may have cross-posted) to - so you don't have to do anything in all your posts and links. Although, I would urge however that you do change the permalinks, especially on your blogs etc yourselfThis blog is not going away anywhere but within a few months, I will consider discontinuing its usage. I won't obviously do …

Cloud Security: Eliminate humans from the "Information Supply Chain on the Web"

My upcoming article, part - 3 data center predictions for 2009, has a slideshot talking about the transition from the current age to the cloud computing age to eventually the ideation age- the age where you will have clouds that will emote but they will have no internal employees.

Biggest management disasters occur because internal folks are making a mess of the playground.

Om's blog is carrying an article about Cloud security and it is rather direct but also makes a lot of sense:

I don’t believe that clouds themselves will cause the security breaches and data theft they anticipate; in many ways, clouds will result in better security. Here’s why: Fewer humans –Most computer breaches are the result of human error; only 20-40 percent stem from technical malfunctions. Cloud operators that want to be profitable take humans out of the loop whenever possible.Better tools – Clouds can afford high-end data protection and security monitoring tools, as well as the experts to run them. I trust…