Written by Dave Stelzl CISSP

Where is your data?

I received this from one of my colleagues while sitting in the Las Vegas airport, heading home from last night’s Seattle event.   One of our event topics addressed the whereabouts of your client’s data…where is it?  It’s everywhere.  And that includes home.

In an article from Today’s Washington Post (Thanks to my official DC Correspondent Tim), sensitive data from the ethics panel (one of the most secretive panels in Congress) is now in the hands of, who knows who?  Inadvertently placed on a public network drive, an unnamed government employee was able to access and forward this information to the Washington Post!

“The committee’s review of investigations became available on file-sharing networks because of a junior staff member’s use of the software while working from home, Lofgren and Bonner said in a statement issued Thursday night.”

“Peer-to-peer” technology has previously caused inadvertent breaches of sensitive financial, defense-related and personal data from government and commercial networks, and it is prohibited on House networks. “

While it may be prohibited in government, it isn’t in most organizations. And the likelihood of the average user knowing that their kids have loaded this on home networks is small.  This is just one more reason your clients should be constantly assessing, and putting technology I place to control data leakage.

Advertisement

2 thoughts on “Where is your data?

  1. Do you have specific applications and vendors of those applications that you recommend? From your experience what is the best vendor mix that would give a user 5 nines protection? Computer usage between work and home has become so prevelantly common-place, one is thrown off of one’s data-vigilance. Kaspersky rates well, and I’m sure others do, too! In you opinion as a security professional, what vendors and applications are the best? Is there one application that “does it all”? Thanks!

    Reply

    1. Don, Thanks for your question. I don’t generally recommend vendors, in fact, doing so commoditizes what you do. Partner with the firms that support your cause with money and marketing, and rely on analysis to bring together the best solution based on integrating all 9 boxes of the coverage model. When this approach is taken, commodity products can be used to build a proper defense. As you move forward, you’ll see that product companies are constantly leap-frogging each other, making it difficult to say which solution is best.

      Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s