Detection and prevention of data leakage

Corporate data leaks are a scary issue. Security practitioners have been forced to address data leaks caused by e-mail, instant messaging and other Internet channels. However, with the popularity of mobile technology, data leakage events are more likely to occur than before, both accidental and malicious data leaks. Prepare for data protection although there are many tools in the market to prevent mobile and fixed data from leaking from the company secretly, the best approach is to use a combination of prevention and detection methods, such as combining the detection engine with the data blockade. Before doing anything, however, it is important to understand what data will be protected and the level of danger. You should create and write the confidentiality level of all of your company's data according to your organization's IT security standards. Data types can be ranked from low to high on a scale based on the risk of data loss or disclosure. Examples of high-risk data are: • Information about the customer or employee that contains the name, address, social security number, and other information about the identity. • May be used by competitors to poach customers ' lists of customers. • Trade secrets and intellectual property. • Confidential product design and production planning. Financial information and upcoming products will soon be released in the marketing program. Once you understand what data should be protected and classify and archive risk levels, you can begin to investigate what tools are best suited to your business needs. Data leak prevention tools data disclosure prevention tools are roughly similar to application-level firewalls. Like firewalls, this tool examines data from the network, not just the port and packet type, and ultimately determines what data can be left out of the corporate network. When investigating data disclosure prevention tools, you will find that the three major vendors in the market are Vontu, Reconnex and vericept. Vontu 6.0 Suite software contains a set of tools that monitor various types of Web traffic, including SSL, IM, and web mail. This tool can detect malicious outbound traffic using three algorithms: exact data matching, indexed file matching, and interpreted content matching. Vontu 6.0 is able to fine-tune the monitoring target to specific employee groups, locations, or content types. The Reconnex iguard platform contains two useful devices. Iguard is a network device capable of monitoring the communication content of the network and discovering malicious behavior. Another product Reconnex InSight console is a database that makes detection easier by storing sensitive data information. Like Vontu companies, Reconnex platforms can be tailored to the needs of the enterprise. Vericept's tool, "360-degree Visibility and Control" (360 degrees visible and controlled), is a customer-focused tool for content monitoring. This tool uses vericept proprietary intelligent content controlEngine。 Vericept not only monitors a wide range of network traffic, such as FTP, SSL, IM, and Peer-to-peer, but also monitors blog information, chat rooms and Web sites, as well as sensitive corporate data and secrets that can leak anywhere. The other two useful vendors are portauthority technology and GTB technology companies. Unlike the other products mentioned above, these companies provide hardware devices to monitor network IP traffic and check for specific types of enterprise data. Since these devices are network devices that are installed behind a firewall, it is important to ensure that these devices are integrated with your existing security infrastructure. For example, Vontu products can be combined with products from companies such as Cisco, IronPort Bae and Blue Coat Bae. Reconnex and Vericept's products can be combined with the products of Blue coat and other network agency companies. Mobile devices and data-leaking mobile devices are yet another problem with data leaks. For example, mobile devices such as U disk, Bluetooth device, or removable CD drive can bypass network control without the knowledge of the system administrator. As hardware storage devices, they trump advanced Internet tools and the network monitoring tools described above. Safend Protector V3.0 is such a tool. It can be installed as a client on all desktops and laptops in your enterprise. Like network monitoring tools, it can implement centralized management through a web-based interface. By setting up, the tool can check for some type of data that is moving through a USB interface, firewall, or wireless port. This tool has "data tampering verification (tamper-proof)" capabilities that are visible to users and remain silent until something is connected to an external port. In addition, Safend protector V3.0 can be adjusted to completely block access to any removable devices, restrict certain devices according to capacity, or allow read-only access. These policies can be integrated into the Group Policy objects of the Active Directory to provide access to these devices for selected users. At first glance, the problem of data leakage prevention seems overwhelming. However, with the introduction of some new commercial tools, whether online, through the Web or through storage devices, data leakage problem can be solved. Responsible Editor Zhao Zhaoyi#51cto.com TEL: (010) 68476636-8001 to force (0 Votes) Tempted (0 Votes) nonsense (0 Votes) Professional (0 Votes) The title party (0 Votes) passed (0 Votes) The original text: Data leakage detection and prevention return to network security home