Image via WikipediaAs most people have already caught up on the WikiLeaks and Afghan War Diaries affair, I just wanted to quickly point out that this type of data loss can be avoided by using the correct records management software. To tighten the valve on probably the most prevalent and most easily accessible avenue of leakage, e-mail, should be a requirement from any solution. By using an enterprise-wide email and content management solution, companies (or governments) can be sure that offensive e-mails do not leave the company. Pre-review functionality allows for policies to be set based on any characteristic of the mail, the number of metadata parameters as well as the contents of an e-mail or attachment. Properly deployed the system can block an e-mail from being sent out of the organization before any damage is done. As an example, if a policy stating that any e-mail or file discussing “Contract X” should not be allowed to leave the company firewall, a policy to this effect will ensure that any e-mail or attachment containing any information related to “Contract X” is blocked at the gateway. In essence, these e-mails are automatically “flagged” and the compliance officer or the administrator would be informed immediately that there was an attempt to send that content out. They would then also have the option to allow the e-mail to go through and be sent out, or confirm that it needs to stay blocked.
Such functionality (hopefully) should be deployed throughout the government, but for some reason I get the feeling that its not. If anyone has more information on how the government, especially defense organizations, does data loss prevention, I'm all ears.
No comments:
Post a Comment