Inside out, outside in, inside in...

by Dr Guy Bunker.

It’s been a year since we carried out our ‘Enemy Within’ survey and discovered that while the threats from outside the organization are still happening, it is the threats from within which are causing a greater challenge. This isn’t just employees but also third parties who have access to internal systems and information. As one of several examples this year, “Snowden”... need I say more?

Data Loss Prevention (DLP) has been a great technology for preventing data leaks. Looking for, detecting and preventing critical information from going outside the organization, inside out, if you like... and this year we introduced the ground breaking Adaptive Redaction technology which along with resolving a number of challenges organizations have with deploying DLP also looks just as much at preventing inappropriate information from coming inside the organization from outside... outside in. But this doesn’t address the biggest challenge, which comes from the insider, looking for and detecting and blocking inappropriate information sharing inside the organization, DLP for the inside in.

The introduction of the Clearswift SECURE Exchange Gateway (SXG) has been designed for just this, DLP inside the organization. Even for those organizations who haven’t deployed DLP on the boundary (inside out or outside in), internal DLP is a good option to reduce information risk.

Where is DLP of value – to me? As with the introduction of most new technology, if it is solving a problem that didn’t exist before, then there is always a challenge of “well I didn’t need it before, why should I need it now?” The iPod had the same issue when it was launched, “why do I need 1000 songs in my pocket?” – but of course it started a revolution in music and I for one wouldn’t be without my iPod now! I digress... back to internal DLP. Organizations have a lot of internal information which should (or must) be kept ‘secret’ from other employees – the more people who have access to the information the higher the risk of it being exposed or used inappropriately. “Manning”... need I say more? Financial results needs to be kept within a close circle of people until they are made public, intellectual property in the process of being patented or new product designs should be kept to a limited audience, M&A information needs to be highly controlled, the list – when you think about it – goes on and on.

While a lot of information is shared using file servers or collaboration tools, it is email which has very few restrictions – anybody can send anything they have to anyone else in the company. So, the risk of sending information to the wrong (or inappropriate) person is huge. While you may occasionally send or receive an email to/from the wrong person externally, internally the problem happens much more frequently, especially with distribution lists.

Clearswift SECURE Exchange Gateway (SXG) has been designed to provide all the flexibility and functionality of our other Gateway DLP products but applied to internal email. The solution has a ‘monitor mode’, whereby organizations can look at the existing behaviour and discover broken business processes or inappropriate communication channels – which were probably fine 12-18 months ago, but the world has moved on and the process hasn’t. Monitoring the communication flows before enforcing the policies (stop, block, and quarantine) means business is improved rather than hindered. SXG also has all the Adaptive Redaction options as well, to further enhance security and to keep business flowing securely inside the organization.

Now is the time for New Year’s resolutions and perhaps it is time to look at solutions to combat the malicious insider, “The Enemy Within”.