Digital Leakage
URMEZ DAVER
Digital Leakage is the intentional or accidental loss of confidential company information in electronic form. Digital Leakage is a growing enterprise risk, as businesses increasingly rely on creating and using electronic information. Digital information is easy to copy and therefore very easy to redistribute, given that the Internet is a ubiquitous medium today. The precise impact of a digital leak depends upon the type of information and whose hands it falls into. Loss of intellectual property to a competitor, of financial results to an analyst prior to public release, or of embarrassing information to a newspaper are examples that many companies are concerned about.
The major sources of digital leakage are:
Employee Theft : Employees necessarily need to use confidential information to do their jobs. However, is there any means to prohibit a disgruntled employee from deliberately passing information to a competitor? Do all your employees know the value of the documents they are handling?
Accidental Distribution : Email is the ubiquitous communication medium with business partners and colleagues; sophisticated email systems try to intelligently complete destination email addresses, but how many of us have inadvertently sent an email to an unintended recipient?
Lost devices : Do you know what confidential information your employees carry around on their laptops? Do you know what the consequences would be if a replaced hard disk drive were lost or mislaid?
Business Partners : Despite non-disclosure agreements, do you think your business partners - contractors, consultants and suppliers - protect your commercially confidential information as effectively as they protect their own?
Change in trust : Changing circumstances or roles can result in changes in who must be trusted with confidential information. Do you know whether a consultant leaving your company is leaving with your confidential or valuable digital information?
Existing Security Solutions : Products such as antivirus, firewalls, intrusion detection and server-side access controls have all been widely deployed in an effort to secure corporate networks from outsiders. There has also been a significant increase in the deployment of virtual private networks (VPNs) to enable secure access to a corporate network from outside the physical company environment. Such systems secure the perimeter of the organization and reduce the risk from eavesdropping and hackers. However, as already established, the major threat to corporate information is employee theft: employees have authorized access and can simply forward information outside the company, carry it away on CD/USB disks or copy it off their laptops onto their home computer. They can even just print it and carry the paper copy away. At this point the organization has lost control of the information, and no amount of money spent on firewalls, VPNs or intrusion detection software can eliminate this. Many organizations concerned about their sensitive information keep track of it within content management systems. But even these systems cannot track what happens to the information after it is checked out or downloaded: it may have been modified and/or forwarded to someone external. Organizations have also deployed encryption systems to extend the reach of access control. Indeed, such systems reduce the risk of information falling into the wrong hands during transit. However, once the information is decrypted on the authorized recipient's computer, it is as vulnerable as before. This renders such systems valueless, particularly against the kind of Digital Leakage we are considering here, because the major threats are internal (employees can decrypt the documents, and can then copy and forward them in the clear).
The Solution to Digital Leakage : To address the Digital Leakage problem, a solution is needed that can control document usage beyond standard access control. Discrete usage rights, such as the ability to view, edit, print, forward and expire the information, need to be managed, so that even if the information fell into the wrong hands the recipient would be unable to use it. Such a solution should control illegal document forwarding and usage even after the document has been delivered to a remote recipient. And, if it's not too much to ask, the solution should ideally be largely transparent to our existing way of working, and should not force us to use a "fixed format" such as Adobe's portable document format (PDF) in order to secure the information.
Such solutions do exist! So when you're looking for a solution to the problem of Digital Leakage, you must consider whether the solution provides the following features and capabilities. Persistent usage control when the file exists within your organization and outside - during and after delivery, and
Cont. on Next page