Educause Security Discussion mailing list archives

Re: Data Loss Prevention (DLP)

From: Jeff Borton <jborton () SCHOOLCRAFT EDU>
Date: Wed, 15 Feb 2017 19:37:15 +0000

Had not though about the dynamic of students realizing that your detecting this type of information,  will definitely 
need to account for that as well.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of James 
Valente
Sent: Wednesday, February 15, 2017 10:23 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Data Loss Prevention (DLP)

I don’t unless it’s something really egregious or risky.  Students (and some faculty) tend to get really testy if you 
tell them that the firewall picked up a SSN in their email. They interpret it as if I’m sitting at my desk reading 
every single email that goes  in or out and violating their privacy.

I’ve only contacted a handful of students, mainly for things like HIPAA data they’re sending with their student email 
since it could have major legal consequences for the hospital they’re working at.

--James

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Frank 
Barton
Sent: Wednesday, 15 February, 2017 10:11
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Data Loss Prevention (DLP)

Do you notify the students about the concerns of doing this when it is detected?

Frank

On Wed, Feb 15, 2017 at 9:59 AM, Eric Lukens <eric.lukens () uni edu<mailto:eric.lukens () uni edu>> wrote:
Many students also provide their sensitive data via email when applying for jobs, typically small to mid-size places. 
While employers shouldn't do that, it happens all the time.

-Eric

On Tue, Feb 14, 2017 at 6:05 PM, James Valente <jvalente () salemstate edu<mailto:jvalente () salemstate edu>> wrote:
We're running Identity Finder (now Spirion Sensitive Data Manager, but we haven't updated yet) on a few endpoints and 
it has helped to purge any sensitive docs students have left on public workstations.

We had also previously enabled DLP on our Barracuda's outbound queue. That worked immensely well for catching data with 
SSNs and CC numbers that should not have been going out.  However, because student email was flowing through the 
Barracuda, we had to disable it temporarily because it was flagging, and quarantining, every email where a student or 
employee was emailing their own tax information.  While this isn't a recommended or safe practice, our concern is 
primarily employees emailing data belonging to the University, students, or employees (other than the sender).

--James
________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>] on behalf of Jeff Borton [jborton () SCHOOLCRAFT EDU<mailto:jborton () SCHOOLCRAFT EDU>]
Sent: Monday, February 13, 2017 16:02
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Data Loss Prevention (DLP)
Just wondering if there is anyone using Data Loss Prevention technology as part of their security arsenal.

If so what product are you using?  Has the product actually prevented any exfiltration.

Jeff Borton
Executive Director of Information Security & Networking
jborton () schoolcraft edu<mailto:jborton () schoolcraft edu>
734.462.4446<tel:(734)%20462-4446>

[cid:image002.png@01CF177E.5A2F4840]<http://www.schoolcraft.edu/maps/livonia.asp>

CONFIDENTIALITY NOTICE: This message and any included attachments are from Schoolcraft College and are intended only 
for the addressee. The information contained in this message is confidential and any unauthorized forwarding, printing, 
copying, distribution, or use of such information is strictly prohibited and may be unlawful.

--
============================================================
Eric C. Lukens       IT Security Compliance & Policy Analyst
Information Security          Innov Teaching & Tech Ctr 117D
University of Northern Iowa       Cedar Falls, IA 50614-0301
(319) 273-7434<tel:(319)%20273-7434>                   http://www.uni.edu/elukens/
============================================================

--
Frank Barton
ACMT
IT Systems Administrator
Husson University

Current thread:

Data Loss Prevention (DLP) Jeff Borton (Feb 13)
- Re: Data Loss Prevention (DLP) McCrary, Barbara (Feb 13)
- Re: Data Loss Prevention (DLP) James Valente (Feb 14)
  - Re: Data Loss Prevention (DLP) Eric Lukens (Feb 15)
    - Re: Data Loss Prevention (DLP) Frank Barton (Feb 15)
    - Re: Data Loss Prevention (DLP) James Valente (Feb 15)
    - Re: Data Loss Prevention (DLP) Jeff Borton (Feb 15)
  - Re: Data Loss Prevention (DLP) Jeff Borton (Feb 21)