audit data

Audit the data..


Today’s business world, in its pursuit for enhanced efficiency, is opening up more and more to all devices that can improve workforce mobility and productivity. Technology has supported our need for mobility and has also provided additional means of communication. Laptops, smart phones, memory sticks, iPods, they are all part of day to day life and work. The downside of this trend is that while largely adopting their usage, few realise how serious the inherent threats are within them, as mobility and portability make data protection a far more complicated problem than ever before.

Portable storage media and personal entertainment devices, such as USB Flash Drives and MP3 players, through their seamless information transfer from and to endpoints (workstations and laptops), generate severe issues when it comes to controlling data use within the enterprise and beyond the physical enterprise boundary. According to the Dieringer Research Group, in the United States alone, more than 44 million were classified as teleworkers, the category including freelancers, contractors, partners or employees traveling or working from home. As a result of such a significant level of (movement) mobility within the workforce, assuring that information stays within the confines of the organisation is a major concern.

Threats from within..

The most significant security breaches come from insider threats

According to a large number of sources, the most significant security breaches come from insiders,as a result of both malicious and seemingly benign activities. According to the 2005 CSI/FBI computer crime and security survey, the theft of proprietary information went up from $168,529 in 2004 to $355,552 in 2005. Moreover, according to information released by the Computer Crime Research Center in 2005, 98% of all crimes committed against companies in the U.K. had an insider connection. While using removable media to steal data from a company or surreptitiously install rogue programs on corporate computers dates back to the days of magnetic tape drives and floppy disks (still out there), USB tokens have become a common accessory and also an easy way to either carry data outside a certain enterprise or to make room to serious malware infections, halting activities for hours or days.

Employees play a key role in a company’s security and yet many workers do not understand the danger of USB drives. Portable storage devices such as USB flash drives, digital cameras and iPods/MP3 Players are virtually everywhere and are connected to a PC within seconds. Almost every PC has easily accessible USB ports, thus making the theft of data a mere child’s play for all network users. Given their need for mobility, employees might see it as their undeniable right to make use of the highly trendy technologies they have access to. For example, an urgent matter requiring significant hours of work from home is interconnected with the employee’s ability to move data between home and work computers. The most in handy option would be connecting a plug and play device to the computers USB port and copying all the sensitive data needed for work.

Security Issues Posed by USB drives.

Almost 37 % [percent] of businesses surveyed by the Yankee Group in 2005 held USB drives responsible for contributing to the disclosure of company information. Nearly two thirds of the leaks resulted in some disruption to the business units involved, according to the analyst firm.

What’s needed..
An audit trail that shows the use and activity of portable storage devices in corporate networks. Administrators have the possibility to trace and track file transfers through endpoints and to then use the audit trail as legal evidence for data theft.

Conclusions
DLP technologies secures your company’s technologically enabled mobility

As information theft and proprietary data leakage are a reality of today’s business world, effectively preventing all possible security breaches is becoming an ultimate concern for enterprise security experts. Endpoint security comes to complete your existing security policies, aiming to render it full proof.

As new circumvention and data compromising techniques come to diminish the benefits of new devices and gadgets, DLP technologies secures your company’s technologically enabled mobility. Thus, by easily protecting all exposed endpoints from inbound and outbound threats, you can enjoy enhanced portability, efficiency and productivity.

As it enables your employees to use devices you have already invested in and it protects your company from losses generated by attacks from outside and within, all financial costs entailed by implementing DLP technologies, such as purchase, implementation and usage training expenses, are fully justified by the yielded return on investment.

Curtesy of CoSoSys