Lost tapes continue to capture headlines. Recently I meet with a client that had 300 GB of data worth $500K stolen. How did they know it was worth $500K? That's what they paid for it. The disk was encrypted and the network was pretty well locked down. So how did the master thief hack into the network and steal the data? Through the front door -- with a USB hard drive in his pocket.It was an employee who decided he was going to start his own business and take this company's research data to get started. Because of his position with the company, he had full access to the network and simply plugged in a USB drive and copied the data over, unplugged the drive, slid it in his pocket, and walked right out the door. Once he was logged in the encryption was defeated, as was the network.
How can this be stopped? With data access and leakage tools. With data leakage tools you identify critical data or folders on your network and set a policy that won't allow them to be copied to external devices such as USB or thumb drives. These tools also can provide the capability to log access and changes to any given file so that this data can be used to verify who has done what to a file.
This type of tool doesn't require the dreaded data classification step that has stopped many customers from attempting to get a better handle on their data. Off the top of your head, you can probably name many of the critical files in your environment, and you also can make some safe assumptions. All the HR files, for example.
The companies entering this market are growing rapidly, with solutions from companies such as Reconnex, Vontu (now part of Symantec), and Cofio Software becoming readily available to stop leakage now. But there's a need for these solutions to be more holistic since these data leakage policies interact with other aspects of protection and compliance. This holistic approach creates a new product category, data supervision; encompassing auditing, leakage prevention, and state management (versioning and WORM), as well as integration with the data protection process. All of these features interact with each other and need to be aware of each other.
Encryption may work when data does a controlled leave from the data center on tape, but a higher level of protection is needed when the data theft is the result of an inside job -- data leakage. For active data management, these solutions have to expand to data supervision.
George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.