Block Data Leakage at the Source
by Ian Kilpatrick - Chairman Wick Hill Group - Monday, 29 October 2007.
Computer networks today have become increasingly open, with greater reliance on IP. More and more staff are accessing a greater number of applications and databases, while remote access has grown hugely. Staff are accessing applications not just from within the office, but from various locations outside the office. These teleworkers and day extenders are significantly increasing remote access, as are mobile workers, including those using wireless hotspots. Company networks are also being remotely accessed by suppliers and third parties.

Our use of email has mushroomed to the point where it is pretty much inconceivable to run many businesses without it. The number and size of attachments have also grown very significantly. This openness and our enthusiasm for email, while they can make life easier and improve productivity, have many disadvantages. One of the main ones is the greater difficulty we have in protecting the confidentiality of information. The opportunities for unauthorised viewing of data, data theft and data leakage have increased tremendously and organisations are now having to look urgently at managing this problem.

What data is at risk?

The increased standardisation on IP can mean that all confidential data which is held on a network is at risk and needs to be protected from unauthorised access, both inside and outside an organisation. Internally, there are risks from employees and skilled IT staff. The access may be non-malicious, with people wanting to find out other people’s salaries. Or it may be staff accessing confidential company data, including personnel files, company plans and financial information. It could also be malicious, such as viewing and stealing customer information or company confidential information (e.g. research) to pass on to others. It may be employees who feel the need, for whatever reason, to leak company or government information.

Employees can also inadvertently expose confidential data to the outside world through the use of unprotected wireless, unprotected remote access or careless laptop use. Valuable sales information, for example, could be seen by competitors. Confidential information about customers or the public could be leaked. The large number of high profile cases of data leakage highlights this problem. Interestingly, as mobile and remote workers increasingly store highly confidential personal information, such as passwords and bank details, on company equipment, they are also at significant personal risk.

Another high risk area is the use of USBs and mobile devices such as PDAs and Blackberrys for the storage of confidential information. The very mobility of these devices renders them vulnerable to accidental loss or theft. Additionally, failure to manage these devices means that they are often the conduit for data theft and leakage from organisations. Data is also at risk of exposure from people outside an organisation. Industrial espionage is well known and ‘spies’ might be after valuable R&D information or other information which will give them a competitive edge, such as contract tendering details.

Externally, companies are at risk from hackers or others who might want to find something detrimental on an organisation which they can publicise. Criminals, wanting to use information (particularly financial) to carry out crimes, are also a significantly increasing threat. The large sums available from these types of crimes, the low risks of detection and punishment, and the ease of carrying them out have made this much more attractive than many other areas of crime. It will continue to grow at an increasing pace over the next few years.

