There have been several high-profile security breaches within the past year - including those such as CardSystems and ChoicePoint in the transaction processing industry - and recent statistics show that as many as 80 companies have been impacted.
Recent information has suggested that the biggest threat to the security of sensitive information is neither external in nature nor malicious in intent. Rather, the biggest threat is coming from inside an organization: its employees.
Corporate insiders tend to have more access to sensitive information, making it easier for the information to be mishandled or stolen. But what happens more often is that sensitive information becomes vulnerable or exposed through poor data practices. A recent study conducted by Vontu, a content monitoring and data loss prevention company, found that 96 percent of data leaks are due to "faulty practices or oversight."
Faulty practices include actions such as not encrypting sensitive information, placing the information on cd's or USB sticks and inappropriate use, such as carrying the information on a laptop or leaving it on an unmanaged desktop.
Oftentimes, companies may not be aware of all the sensitive places data may exist, or know the ways in which it's being used. Compromising sensitive information internally - and often unintentionally - makes it harder for employers to detect and prevent a security breach. So what's a company to do?
Many are turning to content monitoring companies to help find, fix and prevent internal data leaks. In addition, start-ups are rushing to develop new and increasingly sophisticated technology that will protect an organization's internal data. Today, there are about eight companies in this market currently, up from just a couple last year.
Gartner research analysts predict that this burgeoning market may be worth $40 million by the end of this year, and could reach $160 million in the next two years.
Several industry players on the watch list include:
Vontu
Recently released Vontu 5.0, which allows Fortune 500 companies to discover the location of confidential information on all servers and computers; provides real-time network monitoring; prevents confidential data from being transmitted; and enforces security and encryption policies.
Vericept
Gwinnett Hospital System recently installed Vericept software to monitor outgoing Internet traffic that contains sensitive data. Vericept provides comprehensive compliance and content control solutions, as well as enterprise-wide visibility that allows full control of all information exchanged inside and outside a company.
Reconnex
Announced this month the 100th deployment of its iGuard information security appliance and ERM e-Risk Module within Fortune 1000 companies. Reconnex provides enterprise risk management (ERM) systems that scan corporate networks to reveal and address insider threats from a variety of risk factors.
Other industry players include Tablus Inc., Palisade Systems, PortAuthority Technologies and Oakley Networks. While all of the mentioned companies provide content monitoring services, each provides it in a slightly different way. This gives corporations within the transaction processing industry flexibility to choose a company that best fits their needs.
External protection still remains the top priority for most organizations, according to Gartner. However, the monitoring of internal networks is becoming increasingly important to companies, who want to avoid the embarrassment and financial loss of a security leak.
Home
©2005