Helping clients manage their technology for over 30 years.

Essentials to business disaster preparedness — #2: Use data loss prevention technology

Data Loss Prevention Solutions

If you don’t know much about your data, backing it up can be a challenge. Important data can be missed if it’s been squirreled away in some obscure location. And corrupted and/or hacked data can be taken as legitimate, backed up, and given an opportunity to re-infect other data and apps.

Fortunately, it’s a challenge that can be met with data loss prevention solutions that…

Continue reading

Data Center Shopping: Dig Deeper

Data center discussions inevitably come around to the issue of standards. And while I agree that standards, like the recently released SSAE 16, are good to consider when you’re data center shopping, you should never rely on a facility being “in compliance” as the exclusive determinate for your selection.

Standards should be the place where you begin your search. After you’ve checked off the boxes that ensure compliance with whatever standards your industry requires, dig a bit deeper.

Continue reading

What DLP can do: Identifying sensitive data

Keyboard with the word sensitive where the enter key normally is.

The first part of a data loss prevention (DLP) implementation involves inventory. Of your data, that is — because, quite simply, you can’t protect it if you don’t know it’s there.

So the first thing DLP does is discover where your sensitive data resides. The right DLP capability can sift through file servers, databases, documents, email, and Web content to discover sensitive data wherever it resides and tag it so it can be tracked wherever it goes.

Continue reading

Data loss prevention’s 3 fronts

a closeup of an eye with scanner lines on the picture.

As I described last time, data loss prevention (DLP) technology discovers and identifies sensitive data in order to monitor, control, and secure it. This occurs on three fronts:

  • On the network (data in motion). These types of DLP solutions are installed at network egress points and analyze network traffic to detect transmission of sensitive data that violates corporate security policy.
  • In storage environments (data at rest), where the DLP solution discovers the presence of sensitive data in the wrong places, notably unsecured locations (e.g., open file shares).
  • At endpoints like desktops, notebooks, or other end-user systems (data in use). Endpoint DLP can control the movement of sensitive data between users and the transmission and storage of email and instant messages. They can also monitor and control access to physical devices, such as mobile device data stores, and provide application controls that will block attempted transmissions of sensitive data.

Continue reading

When threats come from the inside

Eliminate the Risk of Internal Data Theft using DLP (Data Loss Prevention)

Don’t underestimate the threat to your business posed by insider data theft. The risk is real and you are not being paranoid if you worry about it.

Consider, for instance, these disturbing factoids from a Symantec-sponsored 2011 study ominously entitled Behavioral Risk Indicators of Malicious Insider Theft of Intellectual Property: Misreading the Writing on the Wall, which closely examined 50 insider thefts:

Continue reading

Beware of FUD

Combine Fear, Uncertainty, and Doubt — and you get FUD, which has been on my mind lately because it so often involves attempts to thwart adoption of newly-emerging, better solutions. Consider these two tales of FUD:

The first tale, from the late 1880s, is often referred to as the War of Currents. It’s about a powerful group of direct current (DC) supporters who fought fiercely against the new, more cost-effective alternating current (AC) with a range of FUD stunts, from electrocuting animals to building the first electric chair. DC’s supporters eventually lost — because FUD can slow, but not stop, real progress.

Continue reading

Corporate data loss: How bad is it? (Part 2 of 2)

Impact of Data Loss on Business Organizations

We have spent over 12 years building our reputation and trust; it is painful to see us take so many steps back due to a single incident.
—Tony Hsieh, CEO, Zappos, after the company suffered a data breach in which 24 million customer records were stolen

Continue reading