Data Leakage Prevention - A Position to State-of-the-Art Capabilities and Remaining Risk

Barbara Hauer

doi:10.5220/0004951703610367

Data Leakage Prevention - A Position to State-of-the-Art Capabilities and Remaining Risk

Barbara Hauer

2014

Abstract

Organizations from all around the world are facing a continuous increase of information exposure over the past decades. In order to overcome this thread, out of the box data leakage prevention (DLP) solutions are applied which are used to monitor and to control data access and usage on storage systems, on client endpoints, and in networks. In recent years products from market leaders, such as McAfee, Symantec, Verdasys, and Websense, evolved to enterprise content-aware DLP solutions. However, this paper argues that current out of the box solutions are not able to reliably protect information assets. It is only possible to reduce the probability of various incidents if organizational and technical requirements are accomplished before implementing a DLP solution. To be efficient, DLP should be a concept of information security within the information leakage prevention (ILP) pyramid which is presented in this paper. Furthermore, data must not be equalized with information which requires different strategies for protection. Especially in case of misusing privileges by exploiting an unlocked system or by shoulder surfing, the remaining risk must not to be underestimated after all.

Download

Paper Citation

in Harvard Style

Hauer B. (2014). Data Leakage Prevention - A Position to State-of-the-Art Capabilities and Remaining Risk . In Proceedings of the 16th International Conference on Enterprise Information Systems - Volume 2: ICEIS, ISBN 978-989-758-028-4, pages 361-367. DOI: 10.5220/0004951703610367

in Bibtex Style

@conference{iceis14,
author={Barbara Hauer},
title={Data Leakage Prevention - A Position to State-of-the-Art Capabilities and Remaining Risk},
booktitle={Proceedings of the 16th International Conference on Enterprise Information Systems - Volume 2: ICEIS,},
year={2014},
pages={361-367},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004951703610367},
isbn={978-989-758-028-4},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 16th International Conference on Enterprise Information Systems - Volume 2: ICEIS,
TI - Data Leakage Prevention - A Position to State-of-the-Art Capabilities and Remaining Risk
SN - 978-989-758-028-4
AU - Hauer B.
PY - 2014
SP - 361
EP - 367
DO - 10.5220/0004951703610367