INSIGHT | October 1, 2009
As another summer comes to an end, we've seen yet another mass of individual records breached and reported by the media. This time over 1,103,820 from June 1 through September 30. So why after years of increased focus on data loss prevention, privacy and identity theft awareness are we still seeing these events occur? What's the one commonality in most of these breaches?
Most occurred in the Extended Enterprise. Remote employee laptops, USB flash-drives, trusted third-parties handling information..all common occurrences in today's mobile world. Keenly aware of these security threats, almost all large organizations employ best practices such as firewalls, intrusion detection, access-control, encryption, network monitoring, etc to prevent such data loss. Another safeguard gaining ground? Data Loss Prevention (DLP) refers to systems that identify, monitor, and protect data in use, data in motion, and data at rest.
Adoption for DLP has certainly been slower than expected in recent years despite ever-growing concerns about data security and privacy. Originally billed as the most holistic suite on the market, what's risen to the surface are limitations: cost, difficult implementation, complicated configuration, and zero visibility within the Extended Enterprise.
After all, it is a "prevention" tool, so it shouldn't allow data out in the first place, right? Well, sort of. DLP is great at blocking flagged data trying to get out to an unauthorized recipient, but what about an "approved" and "trusted" third party? What happens when sensitive data is sent to them with permission? It is sent according to approved business rules.
The problem is that your organization’s information is now beyond your control, beyond the border, and in the hands of a supplier, agent or partner who may not have the same best practices, guidelines and safeguards in place. A true area of vulnerability that has only recently been addressed, beyond the border is where most data breaches occur. It's also where DLP and other security practices seriously break down. Offering zero insight, zero tracking metrics, zero visibility.
What's the answer? Cyberintelligence monitoring solutions, such as: internet threat and sensitive disclosure detection and remediation, anti-phishing, and counterfeit detection have emerged in recent years. Unlike more traditional solutions, cyberintelligence can provide valuable insight into what's occurring outside the corporate perimeter.
Read Gartner Cyberintelligence Report
Related News
|
|
| |
Key Insights
01 | P2P networks continue to grow in size and popularity due to the extent of the content that is present and available on the networks, that in many cases, is not available from any other public source.
02 | In addition to movie and music files, millions of documents, that were not intended to be shared with others, are also available on these networks.
03 | Consumers are at risk (in terms of financial fraud, medical fraud, child predation) despite the numerous warnings and assurances by the developers and government agencies in previous hearings, the problem remains.
04 | There has been an unprecedented increase in identity thieves using P2P software programs to harvest consumer information.
05 | P2P file sharing is one of the most powerful technologies created in recent years, however, as with the World Wide Web, it is not without its inherent risks.
|
|
|
