| One of the great things about the Internets is that it | | | | you have to chase down. You can also set up fancier |
| provides universal connectivity between your desktop | | | | things, such as automatically requiring emails between |
| and the world. But that is also a tremendous | | | | two places (such as your office and a partner) to go |
| weakness and security professionals often lose sleep | | | | out encrypted. Speaking of encryption, they work with |
| over how easy it is for a rogue employee to email a | | | | the Blue Coat Web proxies so that even if someone |
| friend - or even his private Webmail account - their | | | | is using SSL connections to talk to their Webmail |
| entire customer list or other confidential information. | | | | accounts they can take those packets apart and see |
| There have been a number of products to try to track | | | | what someone is doing. That is pretty spooky, but hey, |
| or block leaking data, and this week I was testing one | | | | you have been warned! |
| of them called TrueDLP from Code Green Networks. | | | | There are other things that the product does, such as |
| The idea is fairly simple: you install their appliance on | | | | being able to detect content on removable USB thumb |
| your network, point out your most sensitive data, and | | | | drives, or even block their usage entirely. This is the |
| then it watches over your packets and sees what is | | | | way of the world: as these drives get beyond 64 GB |
| leaving the premises. It doesn't take that long to setup | | | | (yes, gigabytes), they are more of a threat for |
| and install, once you figure out what it is doing and | | | | someone to just literally take an entire database out |
| what you are doing. | | | | the door in their pocket. I recently ran up against this |
| The tricky part is figuring out exactly what is your | | | | when I was in my bank trying to provide |
| most sensitive data, and being able to focus in on it in | | | | documentation for a loan. I had brought a CD, a USB |
| a way that the product can identify. It comes with | | | | thumb drive, and had saved the documents on my |
| dozens of various templates to be able to recognize | | | | Google account just for good measure. Because of |
| social security numbers, or names and addresses, or | | | | the bank's endpoint security lockdown policies, I was 0 |
| stock symbols, or other kinds of well-formatted data. | | | | for 3 and had to send them the old fashioned way, by |
| But the real plus is being able to handle unformatted | | | | making paper copies, once I got home. At least it was |
| data, such as a memo about a customer's | | | | nice to know that they had protected their employee's |
| preferences that is just a Word document, for | | | | PCs. |
| example. Code Green can connect to a SQL | | | | The interesting thing is what happens after customers |
| database and directly handle the query syntax to | | | | get their hands on this Code Green product. Lawsuits |
| select particular data types, and it can also connect via | | | | typically ensue, so to speak, because often the |
| WebDAV to Sharepoint servers or other document | | | | network administrator finds someone is doing |
| repositories too. Once you find your data, you create | | | | something that they aren't supposed to be doing. One |
| protection policies and tell the appliance what to do - | | | | of the product managers I was working with told me |
| whether to just log the violation or actually block the | | | | that this usually happens within the first week of the |
| activity. | | | | product being put into production. Given that the basic |
| You also need to make sure that you are matching | | | | price of the product is ten grand, I figure that is as |
| everything properly, because the last thing you want to | | | | close to instant ROI as you are going to get these |
| have on your hands is a series of false positives that | | | | days, considering the cost of most litigation. |