In 
Some will still remember the curious case of Biswamohan Pani, a design engineer and former employee accused by Intel of data theft amounting to as much as US $1 billion.
More than anything else, the case brought forth the fact that even the worlds largest organisations were prone to a mission-critical data loss.
Its like being killed in a battlefield by friendly fire. In fact, Deloitte in the 2009 edition of the Global Security Survey highlights that while social networks and blogs can be powerful enablers, they also increase organisations internal security challenges. It also reiterated that in todays connected world, insiders were turning into greater security threats than ever before.
And while the organisations are trying to make their employees more aware about the basic steps to security, its the IT departments and the IT managers who end up being the custodians of organisations most important resourceinformation. Read on for some precautions and best practices that can go a long way in ensuring prevention of data theft.
Categorise digital assets
The most important part of managing data loss is to understand the types of sensitive data and categorise them into buckets, based on their sensitivity and value. Obviously, the most valuable data is linked to the maximum number of controls, even if that leads to some sort of inconvenience to a section of employees.
Prioritise what you need to protect
Data in an organisation has three dimensions. First, data in motion that includes any data that moves through the network to the outside world via the Internet. Second, the data at rest that includes information residing in files systems and databases. Third, the data that resides at endpoints like USB drives, external hard drives and mobile devices.
IT managers must evaluate the potential vulnerabilities and the associated loss for each data dimension. It thus makes sense to prioritise the dimension where the threat level is the highest.
Select comprehensive solution
The adopted solution must be all-encompassing and comprehensive. A comprehensive data loss prevention (DLP) solution sets up tight policies and is capable of effectively detecting the breaches. Hence, IT managers should consider implementing all, or some of these steps.
- Analysis of the content of all major files and attachment types
- Selective blocking of messages
- Automatic enforcement of corporate encryption policies
These steps require both well thought-out policies and processes.
Make IT invisible
The most important aspect of a DLP solution is that it should be invisible to the end-user. It should at no point in time impact worker productivity. For instance, any delay in e-mail or Internet page loading can dampen the speed of business and negatively impact the productivity of employees. At the same time, the solution must run consistently even in the wake of traffic volume surges.
No one company has the best-in-breed solutions that address all the three dimensions of data, so the best answer is to integrate solutions from different best-in-class vendors.
The author is HeadIT at Jagsonpal Pharmaceuticals
Add new comment