Here's the scenario. Either your network has been successfully breached by some spyware (which the leading vendors miss 60-80% of the time) resulting in sensitive enterprise information being sent out of the network or, you have an employee inside who is sending sensitive information out to others which they shouldn't. HOW DO YOU KNOW?
One of my nine recommended layers is to have perimeter security. One of the subsets of this layer is the use of something called network content filtering/control, network leak prevention, extrusion prevention or risk protection. What does this do?
It filters all traffic leaving a network and looks for information that the enterprise doesn't want leaving the enterprise. Sounds good?
Well it can be good as long as you have done an enterprise risk analysis first to define what kind of information meets a high or medium risk information. Then you can create policy rules and alorithms in these tools to monitor for this. Without this, you simply cannot monitor everything coming out of the network, make sense of it and identifiy the pieces that are at risk,
Yesterday in Sci-Tech Today there's an article "How well do you know your network" that speaks to this. The story notes that a large number of companies don't even have this technology on their radar screen.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com
del.icio.us