Select language:    Bookmark and Share  
Home   Buy now   Screenshots   Compare   Download   Support   Partners   Contact
Product Info
Live video demos
Report & Management Live Demo
Editions Comparison
Why MyUSBOnly
Report & Management New!
Version History
Download free trial
See our clients
Buy now
Locate a local reseller
Purchase orders
Volume discounts
Lost registration key
Online manual
Security news
Contact us

Data leakage problem tough to solve

By Marcia Savage

SAN FRANCISCO -- Data leakage is a big problem for enterprises but there are no clear-cut solutions.

Sensitive customer information and confidential corporate data can slip out of an organization via email, lost laptops, USB drives and a host of other ways, said John Viega. Under pressure from breach disclosure laws and regulations like Sarbanes-Oxley, enterprises are exploring a range of solutions: policies, data leakage gateways, endpoint device protection, and disk encryption.

But there are drawbacks to all of the options and no one technology fully addresses the problem, Viega said.

He said it's tough getting employees to follow data handling policies and training doesn't stick. Data leakage gateways can help enforce policies on the network but can't stop an employee from copying confidential data onto a USB storage device or from taking a laptop home and sending confidential data via Web mail. Classifying sensitive documents on the network can require investment in professional services, Viega said.

Endpoint device protection technologies that track operating system and application operations to enforce policies at the desktop can block someone from copying data to a USB drive, but it won't be on all devices in an organization and it can become too costly to block people from doing what they want to do, he said. Companies tend to deploy such technologies in "advise" mode rather than "block" mode so that IT isn't inundated by requests for policy exceptions.

Hard-disk encryption is "by far the most commonly" deployed technology for data leak prevention, Viega said. The price tag is lower than other options but it doesn't address some leakage scenarios and can be a hassle when passwords are lost, he added.

Digital rights management can extend data handling policies to hosts without monitoring protection but there's no clear technology leader in the space, Viega said.

After the session, an architect at a manufacturing company who declined to give his name said Viega "basically stated the obvious -- there's no silver bullet." With any of the technologies "you still can't guarantee there won't be any leaks," he said.

Another attendee -- a security engineer at a pharmaceutical company who also declined to give his name -- said the session presented more problems than solutions. He would have liked to hear more about enterprise rights management.

"Going after the USB fobs, the iPods -- whatever you can connect to a computer -- is just a losing game … You need to protect [data] at the source," he said.




We offer you a 30-day unconditional money back guarantee! 100% satisfaction or your money back.




Microsoft Windows XP, Server 2003, 2008, Vista, 7, 8, 10, 11 - MyUSBOnly is not a resource-consuming utility.


Home | Pricing | Buy now | Screenshots | Download | Support | Resellers | Affiliates | Pressroom | Contact | About | Sitemap

Copyright © Whatlink Software Limited. 2003-2023. All Rights Reserved. EULA | Privacy Statement