Western Independent Banker - September/October 2008 - (Page 24)

Data Loss Prevention: A New Package on an Old Idea

By Patrick Johnson

Data loss prevention (DLP) looks complicated, big and expensive and will take way too much time and effort for no obvious reason, right? Try to connect the patterns and create a method to gauge and shepherd valuable data that seems intangible but exists, has high risk and must be protected. Can you put it all together? Thoughts? Bueller Bueller? Cue HAL 9000, Dave.

There has always been an effort to secure sensitive information since the advent of the digital age. Security requirements, prevention and regulatory mandates are not just suddenly appearing, but have actually gone through a process of evolution over the past decades in response to the data security issues facing modern business. Terms like hacking, GLBA, non-public information, breach response, fraud and identity theft have been kicking around for years.

The scary part is that even with our armory of prevention, detection and response programs, we are still losing the war. Financial fraud overtook virus attacks as the source of the greatest financial losses in 2007.[1] The average annual loss reported in this year’s Computer Crimes Survey shot up to $350,424 in 2007 from $168,000 in 2006. Insider abuse of network access and e-mail ranked higher than virus incidents as the most prevalent security problem. Since January 2005, the Privacy Rights Clearinghouse has identified more than 215 million records belonging to U.S. residents that have been compromised due to security breaches.

We have already invested tons of money, time and resources, right? We have 17 flavors of information security, risk assessments and security protocols, yes? We have typed so many pages that we have blisters on the tips of our fingers, right? Unfortunately, despite our efforts, fraud and information theft continue to soar regardless of the existing compliance programs and regulatory examinations.
Institutions are passing information security exams with excellent marks, but data loss statistics continue their vertical trajectory. The cause is rudimentary – what the industry as a whole is doing is not really working. There is a sizable gap between having a compliant program and one that actually works. We need to unify all of our efforts and standardize the program.

Enter DLP. DLP engenders a holistic approach to information security and data resiliency that incorporates executive commitment, advanced monitoring systems, automation, and formalized policies and procedures specifically designed to prevent, detect and automatically respond to unauthorized access and loss of sensitive data. This is accomplished by a layered and pinpointed technical, physical and enforcement security approach that can identify, track and monitor (in real time) data through its lifecycle (at rest, in motion, in use and on display). The ability to report on transgressions in real time is what makes the difference between true prevention and after-the-fact detection (viability vs. compliance).

There are distinct considerations for ensuring a compliant and viable DLP program. Data discovery is by far the most critical. Finding out where the data resides, classifying it (public, non-public, sensitive), and tagging it appropriately is the foundation for the program.

Next, endpoint protection is implemented to help mitigate the biggest security risk – the data that walks right out the front door. Endpoints such as printers, paper, laptops, cell phones and portable media are the biggest culprits for data loss at the endpoint. Mitigation controls include full disk encryption, file control, port disabling and user policy enforcement.

Server security follows the endpoint up the chain and can be strengthened greatly through the adoption of industry best practices, recurring testing and ensuring appropriate directories are tagged sensitive and restricted from unauthorized access.
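The data discovery step described above (find the data, classify it as public, non-public or sensitive, tag it), sketched as an added example that is not from the article or from any DLP product. The keyword lists, the 40-character context window, the mapping of detections onto the three labels and the sample documents are assumptions made for illustration.

```python
import re

# Assumed mapping onto the article's labels (not from the article):
# validated identifier + nearby keyword -> "sensitive";
# validated identifier alone -> "non-public"; nothing found -> "public".
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,16}\b")
CONTEXT = {"ssn": ("ssn", "social security", "taxpayer"),
           "card": ("card", "visa", "mastercard", "expir", "cvv")}
WINDOW = 40  # characters on each side searched for context keywords

def luhn_ok(digits):  # content check: payment card checksum
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def ssn_ok(area, group, serial):  # content check: never-issued ranges
    return (area not in ("000", "666") and area[0] != "9"
            and group != "00" and serial != "0000")

def has_context(kind, lowered, m):  # context check: keyword near match
    near = lowered[max(0, m.start() - WINDOW):m.end() + WINDOW]
    return any(word in near for word in CONTEXT[kind])

def classify(text):
    lowered, hits = text.lower(), []
    for m in SSN_RE.finditer(text):
        if ssn_ok(*m.groups()):
            hits.append(has_context("ssn", lowered, m))
    for m in CARD_RE.finditer(text):
        if luhn_ok(re.sub(r"\D", "", m.group())):
            hits.append(has_context("card", lowered, m))
    if any(hits):
        return "sensitive"
    return "non-public" if hits else "public"

def discover(docs):  # data discovery: tag each document (path -> text)
    return {path: classify(text) for path, text in docs.items()}

# Constructed sample documents; paths and contents are made up.
SAMPLE = {
    "share/order.txt": "Order number 4111 1111 1111 1112 confirmed.",
    "share/ref.txt": "Ref 4111 1111 1111 1111 shipped Tuesday.",
    "hr/new_hire.txt": "Employee SSN: 123-45-6789, start date June 2.",
}
```

The order number has the shape of a card number but fails the checksum, so it stays public; pattern matching alone would have flagged it.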
Armed with the data discovery information and server best practices and mitigation, network preventive barriers can next be put into place, including network logical access controls, real-time monitoring, filtering/blocking, and automated violation alert and response to stop data loss. Port blocking, pattern recognition, encrypted file searching, contextual and content analysis, file restrictions and filtering are components of a resilient strategy. Intrusion Detection/Intrusion Prevention Systems (IDS/IPS) must be implemented for the gateway, and regular external penetration and internal vulnerability risk assessments must be performed to secure the perimeter from the outside in as well as from the inside out.

To complete the perfect beast, effective information qualification, quantification and reporting are the capstone, as enforcement can only be supported if the information exists to identify violations. A vectored approach to reporting criteria includes:

• Combined context and content analysis
• Passive and active monitoring
• Automated and interdiction response

Sounds harrowing, doesn’t it? Alas, fear not fair reader, for most of what DLP requires you are already familiar with, only it wasn’t called DLP and it wasn’t as broad reaching or well defined, much less integrated into the very fabric of the network proper. Just start with baby steps. You’ll be fine.

Patrick Johnson is senior compliance officer for HEIT, Inc. (www.goheit.com) in Los Angeles. He can be reached at 970-212-7137 or patrick.johnson@goheit.com.

FOOTNOTES

[1] CSI 12th Annual Computer Crime and Security Survey – 2007