||Add To My Personal Library
August 27, 2010
Vol.32 Issue 18|
Page(s) 34 in print issue
Tracking File Movement
Take Measures To Protect Enterprise Information
• The ever-changing pace of social media and email programs makes file sharing easier than ever—and makes it easier for secure files to leave the enterprise.
• To secure files, IT managers will need to monitor email and may want to make firewall and email improvements.
• Enterprises will likely need to let employees access some types of social media sites; simply restricting all types of file-transfer opportunities won’t work.
Do you know whether files are leaving your enterprise? Can you track file movement? If not, youâ€™re not alone, but youâ€™ll want to consider stepping up security measures to protect vital enterprise information.
More than 70% of IT executives have no visibility into files moving out of their enterprise, according to a recent study by Ipswitch (www.ipswitch.com). In addition, 64% say they have no visibility into files moving inside the enterprise.
“Those numbers point to the lack of visibility companies have into file movement,” says Frank Kenney, vice president of global strategy at Ipswitch. “You can have filters and rules in place from the data center and application perspective so you can track everything, but then your human knowledge workers can [mess] that up.”
USB flash drives, removable disk drives, and cell phones are making it easier than ever for employees who need to transfer large files, and harder than ever for companies to monitor and protect sensitive information, he adds.
About 90% of survey respondents admit to using thumb drives or other external devices to move work-related files, Kenney says. What’s more, the prevalence of Internet-based email programs lets employees simply email large work files to their private email accounts when they want to work on files from home, says Ben Mitchell, product manager at Cisco (www.cisco.com).
It goes without saying that unmonitored file movement may mean important enterprise information could be involuntarily, or even voluntarily, leaked. IT managers need to make it easier for people in their organization to move information securely without resorting to these measures, Kenney says. By decreasing reliance on transferring physical media and focusing more on easy-to-use browser-based or email plug-in solutions, information will be better governed, Kenney says.
File Exchange Policy
“We recommend companies take a fresh look at how they allow knowledge workers to exchange information and collaborate and do the things those workers need to do to be productive,” Kenney says. “If I need to send a large file and [the] Exchange service environment doesn’t allow it, I’ll send it via email or do peer-to-peer using Google Talk or some other type of capability,” Kenney says.
“Companies need to be aware of how they are sharing info to be productive, set some kinds of policies and standards around how those users are doing that, and give technologies and services to those workers that can be fully monitored and managed,” he adds.
He recommends IT managers investigate services such as those that let employees upload files to a secure server. Files can then be accessed via password. Companies that offer these services allow for hosting the files on their servers or on the enterprise servers.
IT managers should also look at the upgraded firewall options available today that let enterprises customize firewall protections, says Howard Ting, director of marketing for Palo Alto Networks (www.paloaltonetworks.com).
“There are so many different ways stuff can leak out of the enterprise that the most important thing is for enterprises to get visibility into those roads out of the building,” Ting says. “They need to be able to put the appropriate gates and controls in place so they can see all the ways out and then block and control the ones that aren’t appropriate.”
Some firewall offerings now allow the IT department to specify which Internet sites and offerings enterprise staff can view. “Most firewalls used today look at ports and protocols being used and try to identify the applications viewed that way,” Ting says. “That approach worked well 10 years ago when most apps used specific ports and protocols. But with HTTP as the protocol, you can’t differentiate whether the user is going to ESPN to check sports scores or going to Facebook or Gmail and posting documents,” Ting adds. “Today there’s no way for legacy firewalls to determine the difference between these apps because they all work the same way, using the same ports and protocols.”
Because some enterprises may have a legitimate need for employees to visit Facebook, it makes sense to use a firewall that lets IT set specific access to HTTP sites. Such firewalls could even be set to give access to Facebook but ensure files couldn’t be transferred via the site. “You can set a policy that allows certain types of activities but prevents other types,” he says.
IT managers must also focus on emails sent via the enterprise’s email server. These emails could also contain files and information that shouldn’t leave the company, Mitchell says. “Whether it’s nefarious, a mistake, or user oversight, email is a means by which data that could create problems for you is sent outside the organization,” Mitchell says. “And there’s little visibility into that on the part of network administrators.”
IT managers should ensure they have an email security product in place that gives them a view into all that traffic that enters and exists on the network and one that inspects outbound and inbound email for its content, Mitchell says. These products scan email for content via filters set by IT managers. They usually allow managers to use filters provided with the product or to create their own.
“These identifiers can be keywords or can flag words that are in close proximity to each other. They can be quite sophisticated,” Mitchell says. He notes industries that need to meet regulatory compliance mandates often need to have this type of email filter in place; their mandates require it.
The important thing to note about file protection, Ting adds, is that IT managers make decisions based on their enterprise needs. But they all must ensure file protection is in place. “Every business has to make a decision about what’s appropriate, but their security products do need to be flexible and able to provide protection at the granular level needed for that business,” Ting says.
by Jean Thilmany
Document Access |
To add another layer of protection and keep documents secure, IT managers might investigate implementing document management software, says Danny Johnson, marketing manager at Netdocuments (www.netdocuments.com). This type of software lets IT managers grant access only to employees who need the document. Although those employees can access the documents anywhere, the software tracks document history, changes, and version.