Securing data from the threat within

Firewalls and antivirus software won't stop an angry employee from stealing data, or a sloppy one from accidentally exposing it.

A company?s biggest security threat isn't the sinister hacker trying to break into the corporate network, but employees and partners with easy access to company information.

Just ask Apple Computer, which filed two lawsuits in December accusing insiders and partners of leaking proprietary information. In one case, Apple is suing two men it says distributed prerelease versions of Tiger, the next iteration of Mac OS X. In a separate action, it is suing unnamed individuals who leaked details about a forthcoming music device code-named Asteroid.

Apple's not the only company that's found sensitive internal information leaked to the public. Big names such as America Online, Microsoft and Cisco Systems have also been victims. Research indicates that most security breaches are inside jobs. A recent Ponemon Institute survey of 163 Fortune 1000 companies found that roughly 70 percent of all reported security breaches were due to insiders.


What's new:
The biggest security risk often isn't unpatched software or a suspicious e-mail attachment, but the careless or corrupt insider.

Bottom line:
Companies are realizing that the human security threat must also be addressed. New products, heightened awareness, and lessons learned the hard way are helping businesses better protect their data.

More stories on data and ID theft

"It's much more glamorous to think of the hacker who works for some large cyber-crime ring," said Larry Ponemon, head of the Tuscon, Ariz., think tank. "But in reality, those characters only make up a small percent of the problem."

For more than a decade, corporations have erected digital perimeters to keep outsiders off their networks. But now discontented, reckless and greedy employees, and disgruntled former workers, can all be bigger threats than the mysterious hacker. And as more companies outsource portions of their business, vital company information can easily fall into the wrong hands.

Securing information from the inside has been largely overlooked by many companies. But headline-grabbing incidents such as the one at Apple, along with new federal and state regulations for protecting private information, are causing many companies to rethink their security strategies from the inside out. As a result, a whole new class of products has sprung up aimed at keeping employees and other insiders from sending confidential information outside the company.

Developing new techniques
In addition to products that control who gets access to what information, a slew of new start-ups focus on securing digital content and watching where it goes.

Products in this category vary in their approach. Some focus solely on protecting intellectual property from being leaked, while others also perform forensics analysis, digital rights management and security policy management.

Some products from companies like Vontu and Vericept act as gateways in the network to track sensitive information that is being sent outside of the network. They monitor e-mail, instant messages, FTP files, and other electronic communications on corporate networks, sniffing for leaks of Social Security numbers and other sensitive information.

But gateways aren't perfect. They only prevent information from being electronically sent over the network. They do nothing to prevent people from downloading files or printing documents.

Jon Oltsik, senior analyst with Enterprise Strategy Group, says technology must also exist on PCs and other devices not only to monitor what data is traversing the network, but to establish and enforce policies regarding printing and downloading information onto disks or USB devices.

Companies such as Authentica and Liquid Machines sit on the client machine tracking and limiting how recipients handle certain information.

"There isn't one technology that will solve this problem," Oltsik said. "You really need to take a combination of approaches."

The no-tech Trojan horse
Once inside a company or one of its partners, a trusted employee can do enormous damage. Often such leaks disclose the most sensitive of data.

"Insiders know where the information is located and how the security systems work," Oltsik said. "They know what information is valuable and what's not."

Matching the figure from the Ponemon study on corporate leaks, Michigan State professor Judith Collins found that 70 percent of all

Featured Video