9 Essential Requirements for Web 2.0 Security
from McAfee


White Paper


Description:
Get a closer look at today’s business-class web threats and why legacy web security solutions offer limited protection. This paper also outlines nine requirements for a new, proactive security paradigm to help secure Web 2.0 applications, protecting the enterprise and the employees that use these applications on a daily basis.

McAfee White Paper Sample

In addition to inbound threats, there are also outbound data leakage risks that jeopardize critical and sensitive information vital to an organization’s success. Attackers are not always outsiders in faraway countries. Data thieves, industrial spies, and cyber-vandals can, and often do, operate within a company’s own boundaries. Moreover, outbound threats are not always the result of an intentional attack by an insider; sometimes they occur when an employee unintentionally opens a “back door” by downloading a rogue application, one that has not been approved by IT.

Outbound data loss is a concern for two reasons: the risk of intellectual property loss and the need to comply with regulatory mandates and industry requirements, including SOX, HIPAA/HITECH, GLBA, PCI, and regional privacy laws. Many organizations imagine that simply filtering their email provides sufficient protection. While email filtering is a key factor in a data loss prevention strategy, a multiprotocol approach to data security—where security administrators also pay attention to web protocols—is best.

Blogs, wikis, social networking sites, and personal email (which is sometimes encrypted) are all potential data loss points for the enterprise. As a result, web (HTTP), encrypted web (HTTPS), instant messaging (IM), and file transfer (FTP) protocols must all be monitored. Again, with Operation Aurora, one of the goals of the attack was access to intellectual property, specifically software code repositories.
