The Smart Techie was renamed Siliconindia India Edition starting Feb 2012 to continue the nearly two decade track record of excellence of our US edition.

What Can We Learn from WikiLeaks?

Bhaskar Bakthavatsalu
Tuesday, February 1, 2011
Bhaskar Bakthavatsalu
The WikiLeak issue has been all over the news lately, emphasizing organizations’ need for stronger information security. With this in mind, how can businesses reinforce their security posture and avoid future security breaches?
It is not uncommon in the corporate world to see large data breaches occur because of a lack of security. The recent WikiLeaks incident, whereby hundreds of thousands of sensitive government documents were released to the public, is yet another reminder to businesses of the importance of data security, and should serve as a good warning for organizations - data loss can happen to anyone, anytime.
Despite repeated examples of data loss the industry has witnessed over the past few years, and despite their disastrous consequences, many organizations still lack clear data security policies and fail to deploy the right security arsenal to prevent them. While they take all the necessary measures to protect their physical infrastructure and facilities – controlling and restricting access to their physical sites – they fail to protect their informational and digital assets. Yet, this is where a company’s innermost secrets, intellectual property and value resides – confidential files, financial documentation, acquisition plans, customer information, sensitive emails, exclusive product releases and other corporate records – are all ultra-capital assets that need to be shielded from the outside world.

How to protect sensitive corporate information
In order to protect corporate data, computers, devices and infrastructure, organizations need to deploy a holistic and multi-layered security approach. The first step is to define and implement strong data security policies. Businesses need to establish the appropriate privacy settings and clearly define who is entitled to access specific types of information, as well as what confidential data is visible and to whom.
Second, businesses need to implement specific data security solutions that secure their sensitive data in multiple forms and throughout its lifecycle: data-at-rest, data-in-motion, and data-in-use. They must choose an approach that can effectively prevent data loss before it occurs, rather than just detect it, after it occurs.
Below are few basic mechanisms and technologies that an organization can deploy to curb the risk sensitive data loss:
Data Loss Prevention (DLP): The purpose of a data loss prevention solution is to help prevent sensitive data from being leaked out of the organization – regardless of intent. For instance, in case an employee inadvertently sends out a confidential email to the wrong recipient, or with the wrong attachment, the DLP solution can identify the fault, block the email and proactively prevent the data loss before it occurs.

Share on Twitter
Share on LinkedIn
Share on facebook