Web 2.0 DLP Toolsets

David Sherry, CIO at Brown University, has contributed a great article to SearchSecurity on "How to build a toolset to avoid Web 2.0 security issues." The article addresses the growing benefits of web 2.0 tools in the enterprise which must be balanced against increasingly complex security issues. In particular, the article looks at how to look at, and asess, data loss prevention (DLP) technologies.

One must always remember the importance of striking a balance between speed, accuracy and adequate coverage when deploying either a network-based, host-based, or data identification DLP product.

DLP analysis techniques include:

• pattern-based searches using regular expressions
• fingerprinting by searching elements of actual databases
• exact file matching
• statistical analysis to search for content that may resemble sensitive data or contain pieces of it
• document matching for complete files
• analysis of lexicons (ex. employment opportunities, insider trading, harassment)
• vendor-supplied categories, to address regulatory mandates (such as HIPAA and GLBA)

You'll want to do an analysis of your own data security needs before choosing the technique(s) that are right for you. You can continue reading about this here.