Enterprise IT Watch Blog

Dec 21 2010   12:10PM GMT

Is network-based DLP dead?

Michael Morisy Michael Morisy Profile: Michael Morisy

Data loss prevention software, or DLP, has long  been a hot topic among security professionals for a while, but it’s always been a bit of a mercurial target: How do you lock down data while still making it accessible enough to be useful? The short answer: You can’t. Remove CD drives, install the right software, regularly audit your weaknesses and you can still be a victim.

But that doesn’t mean that WikiLeaks is the “canary in the coal mine” for DLP techniques. In fact, it’s going to receive more attention and more thought than ever (we picked it as one of our top 5 trends for 2011), but the hard truth is that security is about mitigating risk, not eliminating it. It’s not a message your CEO wants to hear, but acknowledging that systems are imperfect and breachable is the first step towards recovery, as they say.

Even the National Security Agency reportedly has acknowledged the fact, and if the world’s spookiest spooks can’t stop breaches, how can your company? From Reuters:

The U.S. government’s main code-making and code-cracking agency now works on the assumption that foes may have pierced even the most sensitive national security computer networks under its guard.

“The most sophisticated adversaries are going to go unnoticed on our networks,” she said.

“There’s no such thing as ‘secure’ any more,” Debora Plunkett of the National Security Agency said on Thursday amid U.S. anger and embarrassment over disclosure of sensitive diplomatic cables by the web site WikiLeaks.

So much for holiday cheer.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: