How To Prevent An Illicit Data Dump

[InfoSec News <alerts () infosecnews org>]

http://www.darkreading.com/insider-threat/167801100/security/perimeter-security/232400126/how-to-prevent-an-illicit-data-dump.html

By Michael Cobb
Contributing Writer
Jan 11, 2012

[Excerpted from "How to Prevent an Illicit Data Dump," a new report 
posted this week on Dark Reading's Insider Threat Tech Center.]

The headline occurs almost every day lately -- a large enterprise or 
government agency loses a huge cache of data through the actions of an 
employee. Whether it's a malicious theft and posting, a la WikiLeaks, or 
an unintentional compromise of sensitive business information, the 
affected organization is put in a position of serious risk.

Developing and enforcing rules around how data is handled within your 
company is the most effective way to reduce the likelihood of a major 
data loss.

The first step is to classify your company’s data in terms of its value, 
legal storage and protection requirements, sensitivity and criticality. 
If you don’t know what you need to protect and its value, you can’t 
allocate the necessary and appropriate security controls to guard 
against data loss and theft.

With classifications in place, data should be labeled—either with 
metatags, in the case of digital data, or physical labels, in the case 
of printed material or physical storage devices.

[...]

_____________________________________________________
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
http://www.infosecnews.org/mailman/listinfo/isn