Data leakage is usually defined as the unauthorized transfer of classified information from a computer or data centre to the outside world. Such leakage can occur by simply mentally remembering what was seen, by physical removal of tapes, disks and reports or by more subtle means such as hidden data in e-mails and text messages or other forms of electronic communication.
With the cost of data breaches continuing to rise, there has never been a better time to find solutions that protect your customers’ data and reputation, while mitigating potential risks, says Erik Brown, CTO at GigaTrust. “As we head into 2018, we can only predict that cyber-attacks will become more frequent and severe,” he wrote in an article for IT Pro Portal.
Brown suggests several ways to prevent data leakage, including defining a security policy, investing in the right technology, keeping passwords and devices secure and providing security education.
When it comes to cyber threats and attacks, there’s no such thing as too much information, Brown writes, adding that establishing a security awareness and education practice in your business is an important step to help employees handle phishing, social engineering, and other cyber attacks.
Data Leak Protection
Vancouver’s Thierry LeVasseur is an entrepreneur with over 25 years of experience studying web-based issues, who also has a number of patents to his name in the digital and electronic communication area. In one patent application, Thierry LeVasseur notes that a major shortcoming of most data leak protection techniques is a reliance on human-defined policies.
For example, he says, a policy may be set to prohibit emails containing a human defined keyword from being transmitted by an e-mail server. Such policies may trap emails that do not contain confidential information and may not trap other e-mails that do contain confidential information. Even if the keywords are updated over time, approaches that use human defined keywords are subject to a high number of false positives, LeVasseur notes.
As well, people are increasingly using multiple types of communications programs, he adds. Thus, keyword-based policies set on an e-mail server have another drawback in that they cannot prevent transmission of confidential information on a different platform, such as a SMS messaging platform or other type of chat platform. The false positive and leaks are exacerbated by the sheer volume of electronic communications in modern organizations, as the number of electronic messages sent each day globally is in the billions, LeVasseur says.
Digital Fingerprints
LeVasseur’s data leak protection system would use machine learning to enhance data security, adding a digital fingerprint to the data package. The digital fingerprint generator allows the identification of high-value assets in a message, while also determining the context around which the message is being transmitted. A domain identifier is also included for identifying a data perimeter based on the message and the prevailing environment. With this arrangement, the data leak prevention system moves beyond traditional intrusion detection systems by allowing an organization to identify a domain to be used for interpreting whether a potential data leak exists during a data transmission event.
One key to successfully preventing data leakage involves recognizing that existing data security processes are susceptible to human error. That’s why any data leak protection system should be enhanced to optimize protection by including rules that are maintained by a system administrator in real-time. Thus, revised information policies may evolve based on previous breach incidents, for example, and may be broadly implemented based on industry-wide standards,.
Data theft and hacking are a prevalent threat in the digital age; no one is immune from the problem. Keeping cyber security as an area of focus in every industry can minimize the potential for data leaks.
