John Dasher, McAfee's senior director for Data Protection, has thought a lot about what's needed to keep your organization's private data from being outed by WikiLeaks or another "terrorist organization". In a recent blog post he offered a run-down of just what you can do.
"While technology can't put a genie back into a bottle, it can provide an organization the tools needed to deal with this type of problem going forward," said Dasher. He noted that Data Loss Prevention (DLP) technology like McAfee Data Loss Prevention 9 can alert an organization to blatant threats like an unusual flood of file-copying by an employee planning to defect. It can also enforce physical policies like limiting use of thumb drives and other removal devices.
Dasher observed that organizations need to offer legally-required transparency for some communications and data, a need that plays off against the requirement to protect trade secrets. Too, technology can't necessarily identify what information should be protected. Simple formatted data like credit card or social security numbers can be flagged protected easily; intellectual property cannot.
"Proper internal controls must accompany technology deployment," said Dasher. "Our most successful customers are those who invest the time and energy to involve their … business leaders who are best able to identify what information is sensitive".
Will WikiLeaks survive the loss of Amazon's support for its servers? Will it bring down a major financial institutition? Dasher doesn't think so, but if it does the victim organization will be one that hadn't implemented a thorough strategy for data protection.
Source[http://www.pcmag.com/article2/0,2817,2373720,00.asp]
No comments:
Post a Comment