The insider threat

It seems to me that recently there’s been a general trend in the security industry to start thinking more about insider threats. I don’t know if this is because companies are feeling more on top of the external hackers or viruses, or whether it’s just that awareness is growing that everyone needs to control outbound information flow as well as inbound. Regulations like Basel II, Data Privacy and MiFID certainly are helping to focus a few minds.

I’ve seen a few more articles in the press about this topic over the last few weeks, as well as the news that Lloyds TSB has got itself some pattern recognition software to spot employee fraud. This article at ZDNet very sensibly includes “forgetting that data traffic is two-way” as one of its four deadly security sins.

Of course if an employee is really determined to get information out they can write it on a piece of paper and walk out the door, but it’s important to do what you can to control outbound data flow. And accidental breaches of confidential information can be costly! We’ve got a few of the more famous (and entertaining) ones listed on our website here (scroll down for the list when you get there).

We’ve been winning

Not to blow my own trumpet, but 3BView has been doing pretty well in the awards stakes recently. We won the innovation category at the Big Chip Awards and one of the judges (commenting on the famous 'dodgy dossier' ) said, “If this had been around four years ago, Tony Blair might have got another term as Prime Minister.” Nice quote! We’re also shortlisted for the Liverpool Daily Post Regional Business Awards – watch this space.

Office 2007 causing problems

Charles Arthur at the Guardian has written an interesting article about problems with Microsoft’s new Office 2007 document formats. As they’re not backwards compatible with previous Word formats, Microsoft’s had to put out converters for older versions of Office to read them, and the consensus seems to be it’s made a mess of the problem.

It’s not just the short-term problems that are concerning – what’s going to happen to those billions of old Word documents? Are we going to be able to read them in 10, 20 or 50 years time? I’m sure I’m not the only one old enough to remember the BBC Domesday project from 1986, and the scare when its data was nearly lost. OK, the Domesday project was more about obsolete hardware than non-standard file formats, but the point is the same. Maybe we should put everything in PDF now and cross our fingers?

So what is Information Leak Prevention (ILP)?

I thought it’d be good to start off by at least attempting to define what we mean by ILP. Basically, we’re talking about organisations stopping their valuable information from leaking out where it shouldn’t, either deliberately or accidentally. Whether it’s a company losing its secrets or a financial organisation inadvertently spilling confidential customer data, it’s a big deal – and the penalties for getting it wrong can be massive.

Computer Weekly has got a good article here which covers things pretty well, although I’d argue that 3BView’s tools don’t really suffer from the false positives problems discussed at the end of the article.

About 3BView

3BView provides companies with solutions to achieve secure and controlled exchange of business electronic communications and documents, ensuring teams can safely and globally collaborate.

This blog is going to talk about the company, the technology, and what's going on in our market of information leak prevention.