Helping clients manage their technology for over 30 years.

Data loss prevention’s 3 fronts

a closeup of an eye with scanner lines on the picture.

As I described last time, data loss prevention (DLP) technology discovers and identifies sensitive data in order to monitor, control, and secure it. This occurs on three fronts:

  • On the network (data in motion). These types of DLP solutions are installed at network egress points and analyze network traffic to detect transmission of sensitive data that violates corporate security policy.
  • In storage environments (data at rest), where the DLP solution discovers the presence of sensitive data in the wrong places, notably unsecured locations (e.g., open file shares).
  • At endpoints like desktops, notebooks, or other end-user systems (data in use). Endpoint DLP can control the movement of sensitive data between users and the transmission and storage of email and instant messages. They can also monitor and control access to physical devices, such as mobile device data stores, and provide application controls that will block attempted transmissions of sensitive data.

Continue reading

When threats come from the inside

Eliminate the Risk of Internal Data Theft using DLP (Data Loss Prevention)

Don’t underestimate the threat to your business posed by insider data theft. The risk is real and you are not being paranoid if you worry about it.

Consider, for instance, these disturbing factoids from a Symantec-sponsored 2011 study ominously entitled Behavioral Risk Indicators of Malicious Insider Theft of Intellectual Property: Misreading the Writing on the Wall, which closely examined 50 insider thefts:

Continue reading

Beware of FUD

Combine Fear, Uncertainty, and Doubt — and you get FUD, which has been on my mind lately because it so often involves attempts to thwart adoption of newly-emerging, better solutions. Consider these two tales of FUD:

The first tale, from the late 1880s, is often referred to as the War of Currents. It’s about a powerful group of direct current (DC) supporters who fought fiercely against the new, more cost-effective alternating current (AC) with a range of FUD stunts, from electrocuting animals to building the first electric chair. DC’s supporters eventually lost — because FUD can slow, but not stop, real progress.

Continue reading

Corporate data loss: How bad is it? (Part 2 of 2)

Impact of Data Loss on Business Organizations

We have spent over 12 years building our reputation and trust; it is painful to see us take so many steps back due to a single incident.
—Tony Hsieh, CEO, Zappos, after the company suffered a data breach in which 24 million customer records were stolen

Continue reading

Corporate data loss: How bad is it? (Part 1 of 2)

Loss of Sensitive Corporate Data

In the wrong hands, the sensitive data your business depends on becomes a weapon wielded against it. And it’s happening more often every day.

Reports of intellectual property theft and hacktivism abound, and 2011 has been widely described as “the year of the data breach.”

It’s not hard to see why.

In 2011 alone, according to the nonprofit Online Trust Alliance, 126 million data records were compromised in the United States.

Continue reading

6 signs of network performance problems

In my experience, poor network performance can cause outages that cascade unpredictably through the business and cost you plenty. Are you experiencing any of these signs of trouble?

  1. Network-dependent applications have become sluggish — and your employees, customers, and suppliers are letting you know how unhappy they are.
  2. Network administrators struggle to isolate the cause of poor network performance.
  3. Continue reading

Data backup/recovery best practice #10

This last of my backup/recovery best practices is far from the least of them:

#10 Conduct regular testing and reviews of your data recovery capabilities

Backups can be corrupted (especially if they’re tape-based) and too often backups are performed incorrectly. Key files, directories, or components may have been excluded, especially if your infrastructure has undergone adds or deletes.

Continue reading

Data backup/recovery best practices #6, #7, #8, and #9

Continuing with my views of backup/recovery best practices, I offer up # 6 through #9:

#6 Back up your data locally as well as remotely.

Data restores usually are faster from a local backup source than a remote one, especially for data that you recover frequently.

Continue reading

Data backup/recovery best practices #3, #4, and #5

Last time, I described the first two backup/recovery best practices. Here are the next three:

#3 Make sure your backup/recovery strategy adheres to all governance and compliance rules that apply to your organization.

Rules abound about data privacy, security, retention — and vary by industry and region. Look for a reputable advisor who has the experience needed to understand your compliance environment and who successfully completes SAS-70 Type II audits.

Continue reading