Customized outbound data searches will be part of the Houston Texans' defensive strategy.
Photo by Marin Media
In extreme cases, data-protection measures could thwart insiders, such as disgruntled employees or ex-employees, looking to post sensitive data on the Web from their employer's databases, as William Sutcliffe did after being fired in 2001 from telecommunications provider Global Crossing. Sutcliffe created a Web site containing personal information, including Social Security and phone numbers, home addresses, and birth dates, of as many as 8,000 Global Crossing employees and provided links to Web sites that described how to use this information to commit identity fraud. He was caught and sentenced to 46 months in prison.
Most security breaches by insiders are unintentional. They come from employees who make ill-advised or uninformed choices regarding storage of their passwords, the Web sites they visit, and the E-mails they send. The Computing Technology Industry Association's annual survey on IT Security and the Workforce trends, to be published in March, indicates that nearly 80% of corporate security breaches are caused by computer-user error. One in four outbound E-mails poses a legal, financial, or regulatory risk to the sending company, according to a 2005 survey conducted by Forrester Research and messaging security software maker Proofpoint Inc. of 332 IT executives and managers. Companies expect insider risks to grow, and nearly half of survey respondents plan to deploy technology to monitor Web mail or instant messaging to combat these threats.
Among the challenges are the growing number of methods-- such as PDAs and smart phones-- for transmitting sensitive data out of a company. Security software maker Workshare Inc. plans to release a new version of its Protect software in February that monitors messages sent from mobile devices. The company also will partner with an encryption-technology company to deliver software that encrypts information sent outside business networks.
Rating The Risks
|25%||of outbound E-mails contain content that poses a legal, financial, or regulatory risk|
|36%||of companies employ staff to read or analyze outbound E-mail|
|47%||intend to deploy technology for monitoring Web mail or IM traffic|
|70%||are concerned about the use of Web-based E-mail to expose confidential data|
|77%||say preventing intellectual-property and trade-secret leaks is their top E-mail concern|
|Data: Forrester Research and Proofpoint survey of 332 IT executives and managers|
"Rogue encryption is a danger from insiders who develop their own encryption schemes for their companies to use," says Jim Pante, president and CEO of security software maker Tablus Inc. and a former law-enforcement officer. They end up making it difficult to decrypt messages, Pante says. Tablus expects by the end of February to make encryption available as part of its Content Sentinel software.
Security controls on all types of outbound information are particularly important when defending against inside breaches. Blocking and encrypting voice over IP in real time as it travels over the network is a new requirement, says Kurt Shedenhelm, president and CEO of Palisade Systems Inc., a provider of software for inspecting network communication. "The challenge is decoding the voice message in real time," he adds. "We're within nine months of being able to understand and decode VoIP protocol and messages." The ability to block VoIP content in real time is likely to take longer to develop, but it's coming.
Technologies that protect against insider threats help all kinds of businesses. As the Houston Texans football team prepares to make the first-round pick in April's NFL draft and searches for a new head coach, it has many reasons for guarding its communications. The Texans use Vericept Corp.'s content-management software to monitor network activity and Palisade's Packetsure software to block sensitive information from being leaked.
Texans IT director Nick Ignatiev knows a strong defense is his best offense, and he's looking downfield at new technologies. Ignatiev's team is tweaking Packetsure so that it can customize outbound data searches to look for intellectual property specific to the football organization, including text and diagrams that would indicate files containing the team's plays. "It's a project that's been on the list for a while but is now rising to the top," Ignatiev says, "thanks to the growing interest in network security."
Mind-Reading Voice Analyzer On Tap