Loading
CIO
Newsletters
Digital Tools
CIO Blog
Virtualization RSS Feeds
Managed Services Webcast
Service Oriented Architecture Podcast
Case Studies

Rolling Out a Data Leakage Prevention Program

Case Study of a Leading Financial Services Conglomerate from India

Dataleaks … What’s at stake?

28 March 2011 11:20 am , Rahul Neel Mani

In conversation with a few of India’s top-ranked CISOs (Chief information Security officers) last week, some very scary and eye-opening facts came to light.

One of India’s premier telecom service providers (name undisclosed) discovered that over 400 of its employees were found misusing the corporate data – a clear violation of data usage norms. The company issued a cautionary warning to 49 of them and finally terminated nine employees as they didn’t pay heed to the repeated warnings. Similarly, a software and e-learning major in India nabbed six of its employees and showed them the door. Terrifying, isn’t it?

Indeed!
While enterprises face a data deluge and there is tremendous pressure on technology organisations to make the data available to large sections of the workerforce, for better decision-making, the security of stored data remains a huge concern. While storage woes were handled beautifully by the majority of enterprises, the security of data is yet to show on the ‘to-do’ list of many.

A lot of you will disagree with me and site examples of firewalls, IDS/IPS, SSL-VPN secure access type of solutions deployed in your organisations. Frankly those solutions are related to network security and provide the first line of defence from external threats. When it comes to fighting internal data theft and misuse, the approach, technology and mindset needs to be totally different.

In the same series of discussions, Murli Nambiar, VP and head of information Security at reliance Capital explained how he, after a lot of internal jockeying, overcame the serious threats of data thefts and helped in reducing the number of incidents in an organisation that has over 25,000 employees.

Technologies like Digital rights management (DRM) and Data leakage Prevention (DLP) come in handy and play a vital role when you are contemplating an enterprise-wide strategy for safety of data. in case of Murli, it wasn’t really an easy roll-out, but to believe him, it was the ‘only’ remedy to address the challenges of data theft and leakage. not only has DRM and DLP prevented the leakage, it has also helped the company with preventing customer poaching (e.g. insurance customers).

As custodians of sensitive corporate information, CIOs seriously need to look at these successful technologies that are not only saving sensitive data from being stolen or misused, but also safeguarding enterprises from something that can cause loss of image.

 

rahul.mani@9dot9.in


Related Content
Readers Feedback
Post a comment



Editor's Blog

Big Data, Big Hype?


While vendors are aggressively pushing Big Data solutions, do you actually need them?

Whitepapers

What has changed in OWASP TOP Ten 2010?

It’s Top 10 Risks, not just Vulnerabilities!

The Case for Automating Case Management Workflows

In today’s challenging economy, organisations must be more agile and work smarter in order to crea

Copyright @ 2009 The CTO Forum. All rights reserved