A shift to information-centric security
Orchestria has identified a significant trend missed by security providers that publicized 2008 industry predictions at the beginning of the year. Corporate security officers are increasingly shifting focus away from infrastructure-based security to concentrate on safeguarding information itself, no matter how, by whom, or where it’s being used.
Complete information protection and control – knowing where content is located, identifying its risk level, and applying appropriate actions to manage it – goes beyond simply monitoring and reporting violations. Enterprises need to actively prevent data from being misused. Here are three attributes of information-centric data loss prevention (DLP):
Business cooperation: A true information-centric DLP approach requires open dialogue with and buy-in from the business. It is impossible for IT security or IT operations to unilaterally determine the value and risk of every piece of data in the organization. Information protection and control decisions need to emerge from tight collaboration between IT and the business. Ultimately, the business is the owner of the information with IT playing the critical role of security advisor and enforcer. That’s why businesses should also participate in the management and remediation of incidents.
Precision in detection of breaches: An effective DLP solution must classify data to recognize and differentiate among the gray areas in a company’s proprietary information. This requires analyzing data across several dimensions, including business context, the identity and hierarchy of the author, sender, and recipient, and the content-around-content of a message or document.
Application of appropriate policies: Even companies in the same industry have diverse policy needs, so users need to have extremely flexible, detailed actions that can be refined to understand the intent of use and respond appropriately to specific risks.