When threats come from the inside Posted on April 10, 2012 by Tim Burke Don’t underestimate the threat to your business posed by insider data theft. The risk is real and you are not being paranoid if you worry about it. Consider, for instance, these disturbing factoids from a Symantec-sponsored 2011 study ominously entitled Behavioral Risk Indicators of Malicious Insider Theft of Intellectual Property: Misreading the Writing on the Wall, which closely examined 50 insider thefts: 75% stole material they had authorized access to, 65% had accepted positions with a competitor or started their own firm at the time of the theft, 54% used a network — email, a remote network access channel, or network file transfer — to send out stolen data, and A majority had signed intellectual property agreements (which shows that policy is toothless without monitoring and enforcement). Protecting sensitive data from security risks posed even by those who create it and use it presents an interesting security challenge — one that more and more compliance mandates demand be addressed. Since sensitive data must be available to those who need to work with it, keeping that data secure means preventing its unauthorized distribution. This is what data loss prevention (DLP) technology accomplishes. DLP does this by discovering and identifying your sensitive data, then monitoring, controlling, and securing it wherever it may be and whenever it moves, both inside and outside your organization. Next time, I’ll get into how DLP works.