WikiLeaks shows gap in current document security measures..!!

priyanshuit's picture


 As demonstrated by the leak of hundreds of thousands of sensitive US documents to WikiLeaks, organizations need to do more to protect their documents than preventing their unauthorized disclosure, according to Adi Ruppin, vice president of marketing at WatchDox.

Simply taking steps to protect the data loss is no longer enough; organizations need to implement measures to control and track documents even after they have been transferred or leaked, Ruppin told Infosecurity.
“People are not aware enough of the problem….Organizations might have access controls in place and encryption, but people don’t realize that if a person already has access to these documents, there is little to prevent that person from forwarding them to someone else or downloading them to a USB drive”, he said.

“Most people still think, ‘I have this password and this encryption, so I’m fine.’ They don’t realize that this is just one point of protection; these documents still need to be protected wherever they go afterward”, he added.

WatchDox offers products that enable an organization to deny access to documents even after they are no longer under the organization’s direct control.

Ruppin said he was “surprised” at the extent of the US government's data loss to WikiLeaks. “You would expect [the US government] to have some tools in place” that would enable control of documents even after an unauthorized disclosure.

According to the WikiLeaks website, it has over 391 000 US military reports on the Iraq and Afghanistan wars, as well as more than 250 000 leaked US embassy cables.

According to a WatchDox survey of 500 corporate executives and IT professionals, 65% of respondents said they share sensitive data with third parties. Of those, 96% said they are concerned that data they share with other organizations might get into the wrong hands. One-third admitted that they have had a least one incident of data loss.

A full 83% of those surveyed ranked document and intellectual property security as very important, ahead of anti-virus and network security. But only 12% are using a data loss prevention (DLP) or digital rights management (DRM) system.
But even these systems are not adequate to prevent a massive loss of documents like WikiLeaks. “If you look at DLP or DRM, they are mostly built around preventing the stuff from going out, which is not a complete solution”, Ruppin said.

Source: www.infosecurity-us.com

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
13 + 7 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

About the Author

priyanshuit's picture

Name
priyanshu

Last Name
sahay

Gender
Male

Website / Blog
http://www.hackersonlineclub.com

About me
Myself PRIYANSHU. >> Certified Cyber Law Expert >> Certified Cyber Security Expert >> Certified Ethical Hacker >> Working on Cyber Security, Ethical Hacking, Investigation, VAPT, Web Designing. Catch Me On >> Facebook: http://www.facebook.com/priyanshu.it Twitter: http://twitter.com/priyanshu_itech Email: priyanshu@cyber-india.in

Location
Delhi

Recent comments