Technological Evaluation and Recommendation - Research Paper Example

? Technological Evaluation and Recommendation Executive Summary This paper focuses on evaluating and identifying ways through which issues of data leaks can be addressed in order to avoid exposure to financial looses and damages of reputation. This paper will address a care where data leaks were caused by peer-to-pear sharing of files, through application that are installed in an employee’s computer. The paper will entail a matrix section which will focus on categorizing and assessing the risks related with data leaks, and three technology based solution will be provided and discussed as effective protection measures. In the matrix the technology based solutions will be identified to address three identified risk, which include loss of confidentiality, loss of intellectual property, and loss of customer data that results from data leaks. The candidate technology solution will be identified and the way these technologies works, thereby determining whether their effectiveness is high, medium, or low; this matrix will present a comparison of various capabilities and weaknesses of the candidate technology-based solution. Besides, the paper will also make a recommendation for the best fit technology-based solution for solving and mitigating the problem cause by data leaks. Nevertheless, the main focus of this paper is to provide assessment of the risks that are associated with collection, processing, and storage of confidential client’s information. The paper will explore the risk associate with data leaks and their impact on the organization; for instance, there are different forms of communication that have been utilized in an organization such as instance messaging or peer to peer, and they surpass the conventional email. Therefore, this is presenting a chance for data leaks, which is either internal or external to the organization. Apparently, this calls for a discussion, which is aimed at addressing implications to organizations from various perspectives. In this case, presenting a threat and related risk can set a pace for identifying the possible detection and mitigation solution for the problems. Data leaks have a significantly broad scope; in fact, it is a problem that cannot be constrained to emails and web. There are numerous reported cases of data loss through devices such as laptops theft, hackers, and back-up tapes that are lost or stolen (Heck, 2006). However, there are ways through which these increasing threats arising from data leaks can be addressed through messaging, social engineering, and malicious hacks. Furthermore, various products have been developed by different manufacturers aimed at decreasing cases of data leakage, though they fail to address other vectors (Heck, 2006). Data leakage are defined as unauthorized broadcast of data or information from an organization to another target or recipient, which may either be electronic or physically. Apparently, data leakage is regarded tantamount to information leakage, through there is need to realize that the term unauthorized in does not indicate that the transmission was intentional or malicious; besides, unintentional or inadvertent data leakages are also considered unauthorized. 1. Internal threats Data security breaches emanate from within the organization; this amount to 52% internal leaks compared to 48% external leaks caused by hackers; examination of the internal breaches indicates that the level of malicious intention to leak data is significantly low. However, the outcome of this is making the level of unintentional data breach to be significantly high. On the other hand, there is a deconstruction of 46% caused by oversight by employees and another 50%, which is caused by inappropriate business processes. 1.1. Intentional Internal Data Leakage or sabotage The principal threat posed by data leakage emanating from within the organization is attributed to unintended actions (Bayan, 2004). On the other hand, a significant risk is imposed on the organization due to intentional unauthorized release of information or data by employees within the organization. Internal leads for data can either be many or a few based on the mediums, which include, remote access, instant messaging, email, and webmail. In some other cases, these leaks are caused by peer-to-peer file transfer protocol. 1.2. Unintentional Internal Data Leakage On the other hand, employees’ oversight or engagement into inappropriate business processes may lead to a significant data security breach. In fact, this presents a significant challenge for the business, which becomes a solution to these problems, and it requires deployment of a secure system for content management (Bayan, 2004). However, this calls for a need to undertake examination and re-engineering of business processes in order to facilitate implementation of security measures. 2. Internal Data Leakage Vectors 2.1. Instant Messaging / Peer-to-peer Instant messaging services are offered to numerous employees in various organizations, whereby they care able to communicate from their workstations using their laptops and other electronic devices. Instant messaging services are offered through various clients, which include, MSN Messenger, GoogleTalk, Skype, and AOL (James, 2007). These clients offer additional services through capability of file transfer for the clients. In this case, this makes it simple for individuals to disseminate confidential information such as excel filed, which might be containing sensitive pricing or financial information. In addition, this information can be accessed by third parties through employees can utilize or divulge confidential data during the chat session offered by instant messaging. Peer-to peer, which is also refered to as (P2P) poses a significant threat on confidentiality of data, intellectual property, and customer data (James, 2007). Some of the popular clients that offer P2P services include eDonkey and BitTorrent; in fact, the latter has acquired a P2P traffic share of 50 to 75% in the world (James, 2007). BitTorrent has recently been considered a national security threat after an assessment of peer-to-peer networks for confidential and sensitive data (James, 2007). For instance, there was a case where more than two hundred documents containing classified information were obtained from a scan of P2P networks for some few hours. Matrix: Technology Evaluation and Recommendation What Is the Risk or Vulnerability? What Needs to Be Protected? (e.g., passwords, data, file backups, system registry) Candidate Technology Solution How the Technology Solution Works Effectiveness (High, Medium, Low)  Loss of Confidentiality  Confidential information Application Proxy Firewalls  This technology involves use of inspection firewalls, which assess traffic at Transport or Network layer by allowing it to pass through or block it through a set of rules. These rules are set to examine packet headers that ensure satisfaction of condition rules. Nevertheless, these forms of firewall assess the payload.  High  Loss of Intellectual property  Intellectual property Employee Internet Management / Web Filtering  This involves deployment of solutions, which aimed at monitoring web sites that are visited by users and block access based on certain requirement; this permitted the organization to pose restrictions to web mail sites, Blogging sites and Phishing sites. Some of these solutions are offered by various vendors such as WebSense, Secure Computing, and Marshal.  Medium  Loss of Customer data  Customer data Reducing leakage via CD or DVD  An organization can formulate a policy, which prohibits copying of customer data onto CD or DVDs, and provide a system that does not support devices. However, there are challenges presented by laptops since supplies offer DVD writers in the present days. On the other hand, a Standard Operating Environment can be implemented to solve the problem, whereby an organization can get lid of burning media in their systems. They can also monitor their systems to avoid or reduce unauthorized installation of software use for burning by users.  Low Recommendations Application Proxy Firewalls is highly recommended for its function of stripping down traffic and reassembling it in order to analyze behaviors. Apparently, most of the data leaks occur through the internet; thus, Application Proxy Firewalls allows data to be disseminated only to locations that are acceptable (Ranum, 2007). Nevertheless, this requires understanding of several protocols by the Application Proxy Firewalls, which are based on RFCs, all application that fail to comply with anticipated behaviors are stopped. This occurs by disconnection from the source and another appropriate connection may be established, if it is necessary (Ranum, 2007). References James, C. (2007). P2P slammed as 'new national security risk. CRN Australia. Retrieved 7 September from: http://www.crn.com.au/story.aspx?CIID=88195 Bayan, R. (2004). Simple strategies to stop data leakage. TechRepublic. Retrieved 7 September from: http://articles.techrepublic.com.com/5100-10878_11- 5293877.html Heck, M. (2006). Guard Your Data Against Insider Threats. InfoWorld. Retrieved 7 September from: http://www.infoworld.com/article/06/01/13/73680_03TCdataleak_1. html Ranum, M. (2007). White Paper: Dude, You Say I Need an Application Layer Firewall? Secure Computing. Web. Read More