Web 2.0 DLP Toolsets

By: Absolute Team | 9/30/2010

David Sherry, CIO at Brown University, has contributed a great article to SearchSecurity on "How to build a toolset to avoid Web 2.0 security issues." The article addresses the growing benefits of web 2.0 tools in the enterprise which must be balanced against increasingly complex security issues. In particular, the article looks at how to look at, and asess, data loss prevention (DLP) technologies.

One must always remember the importance of striking a balance between speed, accuracy and adequate coverage when deploying either a network-based, host-based, or data identification DLP product.

DLP analysis techniques include:

pattern-based searches using regular expressions
fingerprinting by searching elements of actual databases
exact file matching
statistical analysis to search for content that may resemble sensitive data or contain pieces of it
document matching for complete files
analysis of lexicons (ex. employment opportunities, insider trading, harassment)
vendor-supplied categories, to address regulatory mandates (such as HIPAA and GLBA)

You'll want to do an analysis of your own data security needs before choosing the technique(s) that are right for you. You can continue reading about this here.

Absolute Team

All Posts By This Author

Distance Learning's Impact on Education IT

Distance Learning Solutions Hub for Education

Resource Center for Remote Work and Distance Learning during the COVID-19 Outbreak

2020: The State of Endpoint Resilience™️ Report

Video: Absolute for Resellers and MSPs