Chapter 1: Defining Data Loss
Getting the Whole Picture
So how do you get the holistic (big-picture, everything-accounted-for) perspective
you need if you’re going to bring your data under control? You could
get hold of a risk-assessment tool to identify your assets (as well as the risks
to those assets), to estimate the likelihood of security failures, and to identify
appropriate controls for protecting your assets and resources. The problem
with these tools is that they often have an inclination toward the technology
that the particular tool vendor is touting. Worse than that, most of the tools
are aimed at the world as it was yesterday — back when it wasn’t front-page
news to lose a laptop or have a CD-ROM vanish in the mail. Too often, the
tools miss one of today’s unpleasant realities: Losing a laptop can do more
damage to the reputation of a company than losing a whole data center.
Knowing and controlling what you have
The toughest part of protecting the data is finding it. If you don’t know
where it is, how can you protect it? Subsequent chapters in this book help
you achieve this — and much more. If you want to jump-start the process,
then you’re probably better off trying to find some kind of discovery technology.
SRM (Storage Resource Management), for example, may be a bit
old-fashioned but it can still discover the file types you have in storage. A
more recent technology, DLP (Data Loss Prevention), analyzes the data it
finds — and can identify and protect confidential information on file servers,
databases, collaboration sites, e-mail systems, Web servers, and other data
repositories — such as (yes) laptops. This kind of technology can discover
and create an inventory of confidential data stored on laptops and desktops,
as well as help prioritize the high-risk areas of data storage.
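
The discovery step described above, as an added example that is not from the book or from any DLP product: it inventories file types the way an SRM-style scan would, then analyzes content and ranks directories by how much confidential data they hold. It assumes payment-card numbers as the one kind of confidential data; the function names and the sample tree are constructed for illustration.

```python
import re, tempfile
import os
from collections import Counter
from pathlib import Path

# 13-16 digits with optional space/hyphen separators: candidate payment-card numbers.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,15}\d\b")

def luhn_ok(digits):
    """Luhn checksum: filters out digit runs that merely look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def count_cards(text):  # number of Luhn-valid candidates found in text
    return sum(luhn_ok(re.sub(r"\D", "", m.group())) for m in CARD_RE.finditer(text))

def discover(root, max_chars=1_000_000):
    """Return (file-type inventory, [(directory, hits)] sorted highest risk first)."""
    types, risk = Counter(), Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            types[os.path.splitext(name)[1].lower() or "(none)"] += 1
            try:
                with open(os.path.join(dirpath, name), errors="ignore") as fh:
                    hits = count_cards(fh.read(max_chars))
            except OSError:
                continue  # unreadable: stays in the inventory, content not scored
            if hits:
                risk[os.path.relpath(dirpath, root)] += hits
    return dict(types), risk.most_common()

# Constructed sample tree; the card numbers are standard test values, not real data.
SAMPLE = {
    "finance/customers.csv": "alice,4111 1111 1111 1111\nbob,5500-0000-0000-0004\n",
    "finance/orders.csv": "order 17,4111111111111111\norder 18,1234 5678 9012 3456\n",
    "laptop-sync/export.txt": "card on file: 5500 0000 0000 0004\n",
    "notes/todo.txt": "call supplier, ref 1234 5678 9012 3456\n",
}

def demo():
    with tempfile.TemporaryDirectory() as root:
        for rel, body in SAMPLE.items():
            path = Path(root, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_text(body)
        return discover(root)

if __name__ == "__main__":
    print(demo())
```

The Luhn check is what keeps the order reference in notes/todo.txt out of the ranking, which is the difference between listing file types and analyzing the data in them.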
When an organization knows what it has and where, it can then monitor (or
prevent) downloading or copying as needed — both internally and externally.
Data copied (for example) to those handy keychain-size USB devices,
burned to CDs or DVDs, downloaded to local drives, or sent via Web mail,
instant messaging, peer-to-peer networks, or generic TCP can all be
monitored and controlled.
A one-size solution does not fit all
It isn’t good enough just to motor down the technological route in search of
instant data-leak prevention solutions. Too often, it’s thought that technology
will solve all problems — to which we can only say, Dream on. Often technology,
especially when it’s applied badly, makes the situation worse — unless