Leave a comment

Heathrow Lost USB Underscores Importance of DLP

This past week a USB stick was found on the ground in the Queen’s Park area of London UK.  It turns out the USB drive contained confidential details of the security practice for Heathrow Airport.  The man who found the drive provided it to a British newspaper – The Sunday Mirror who then provided it to the authorities.  Contained on the drive was 2.5 GB of data across 76 folders, many files being marked as “Confidential” or “Restricted”.  The contents outlined sensitive details on tunnels linking the airport to the Heathrow Express Line, as well as airport screening procedures for VIP’s and Cabinet Ministers.

Risk (or challenge) Removable Media Poses

This example highlights the risk that removable media can pose to an organization.  While there are a multitude of enterprise and cloud file sharing solutions in the market today, none are simpler than plugging removable media into a USB port.  Ease of file sharing and transportation make removable media an often used tool inside many organizations.  However, as this example with Heathrow shows us, that tool can also be a risk to your organization.  Sensitive data can be easily copied to USB devices.  Once outside the control of your organization, the lifecycle of the data is no longer managed and under your control.  Removable devices (including smartphones) being small can be lost or stolen, exposing your organization to negative PR, legal issues and even lost revenue if they contained sensitive data.

How a DLP Solution can Help

DLP stands for Data Loss Prevention (or Data Leak Prevention if you prefer).  The purpose of a DLP solution is to prevent incidents such as the Heathrow Lost USB.  Outright disabling the USB ports on a computer is an extreme tactic to preventing data from being copied to unmanaged removable devices, however that can be a significant barrier to productivity. DLP solutions can allow you to manage the data and removable devices instead.  Every business is unique in DLP requirements.  Some may require authenticated removable devices (such as managed smartphones) where only known and authenticated devices can be mounted and files transferred.  Others may allow only encrypted USB sticks, while others still may block specific files from being written to removable storage and allowing others.  Implementing a DLP solution can help provide your organization with the control necessary to prevent data from leaking outside the boundaries of your company.

What to do next?

Contact us to see a demonstration of our solution.

Or watch an overview of the secRMM integration with Microsoft Systems Center.

Or if you’re really impatient, jump right to downloading the trial.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: