InfoWatch Blog The problem of information structure

The information structure of a given company before the adaption of a DLP solution is, quite frankly, often a mess. Documents are created with sensitive data in every sector of the system, read-and-write rules are set up in a random fashion based on the whim of a system administrator that worked there nearly a decade ago, and so on. This is understandable, of course, as the employees are not trained in proper information security, and the system security is focused on defending the perimeter from the outside. However, once the management realises the need for protecting the information from leaks, the game changes.The standard solutions, such as those based on fingerprinting and regular expressions require a very specific type of information system. Proper organization is the key. The documents, containing sensitive data must be found, stored in one secure sector, labelled, identified, fingerprinted and archived. Granting access rights to those documents must be done through the security officer. All information channels, leading to the outside world must be monitored, including local ones. Administrator rights must be given on a case-by-case basis. In other words, the entire system must be reorganized to fit the solution.However, such an approach is not always feasible. Reorganization, personnel training, as well as training the system to recognize the information, all of these take time. And yet, the system must be defended as soon as possible, at least partially.One possible solution to this is content-filtration. If the outgoing traffic is sorted based on data type, rather than document (or business-process, for that matter) type, only the necessary ones can be monitored with systems that take less time to train (such as InfoWatch Mail Monitor, Web Monitor and IM Monitor). While this, of course, does not provide perfect protection, such basic level of internal security will last until the information system is organized, while also providing an additional layer of protection once the reorganization is complete.