With the revelations in the past couple of months of network intrusions in retailers and other enterprises one can be excused for thinking organizations have no defences.

Not true. Layer defences including encryption of highly sensitive data can go a long way to cutting down the risk of data loss.

A guest security manager’s colunn for ComputerWorld U.S. outlines another possible strategy: installing a data loss prevention solution on the network and on endpoints.

DLP on the network can identify a lot of suspicious activity, the writer – who uses a pseudonym – says. However, in a company with a number of branches, each of which has its own Internet connection, traffic can only be watched where there’s a network monitor.

So his company tried endpoint DLP. One advantage is it monitors branch traffic before encryption. Another is it can monitor if data is being loaded onto external media like a USB drive.

And indeed an employee was caught copying 3GB of files and employee directories to a thumb drive by both the network DPL and the end point software.

It’s an interesting example of how the technology can work and worth thinking about, particularly if your enterprise has a lot of sensitive data.

Read the whole article here

Previous articleIs this the year mobile marketing takes off?
Next articleMicrsosoft bug bounty creator sounds off
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com