ITC Security Threat of the Week – Week 22: Data Leakage Prevention

There has been an up-swell in activity around ‘Data Leakage Prevention’ (DLP) in the marketplace, including a surge of interest within ITC customers.

As with most IT issues, the term DLP means many different things to many different people. Would you believe that some people think that clouds are responsible for rain, hail and snow and there is no Omnipresent ‘Cloud’ (yet)?

In our customer, prospect and trade meetings, what has become apparent to us is that in order to stop data leaking, it must be wrapped in Clingfilm, grease or Tupperware and before that: identified as being leak sensitive.

The ubiquitous, all pervading anywhere to anywhere, anytime Internet is quite obviously the carrier pigeon to end all carrier pigeons of transport; speaking many different languages, sometimes only understood by one or two parties, not to mention the naughty little cousins of the removable-media family.

ITC believes that the identification, classification and appropriate monitoring of sensitive data is the only cost effective way of controlling the data leakage of sensitive information. There is no ‘one size fits all’ black box solution to significantly reduce the likelihood of data straying, deliberately or inadvertently.

We encourage our customers to understand their critical, sensitive data and treat it specially using a robust governance and technical framework.

Attempting to provide ubiquitous defence against leakage will inevitably lead to a Jericho situation rendered useless by the trumpets of ports 80 and 443, not to mention the horns of advanced persistent threats.

If you are concerned about data leakage, contact us and we will help you prioritise, plan and remediate your risk.