Jeff Vance of Network World put out a great piece a few months back on how a data leak prevention tool running at George Washington University Hospital averted what could have been a major security risk to Vice President Dick Cheney. But while this technology clearly has a tremendous security upside, will pervasive use of this technology lead us down a China-like censorship path?
According to Vance, IT administrators reportedly picked up a message sent from the Secret Service which detailed the travel plans and exact route that VP Cheney was to take later that day when he visited the hospital. Using a DLP tool that I mentioned in my last blog, Reconnex, security admins at George Washington University were able to use a profile-based rule that flagged certain keywords in the message, along with the fact that there was no encryption on the message, to block the e-mail from leaving the gateway.
The e-mail filtering capabilities of DLP systems alone can make them well worth the price of purchase. Just think for a moment about the damage that an insider could do through e-mail by sharing your corporate trade secrets or your customer's personal information. As we saw in the GWU case, e-mail could have been the conduit that facilitated a major breach of national security.
And what if your customer's data already has been compromised? While I'm not an advocate for covering up major security breaches, as a CEO or CIO I'd certainly like the ability to control what information is disseminated and how that information is presented to the media and to my customers.
How much would it cost Intel if a revolutionary new processor design fell into the hands of AMD's capable engineers via e-mail? How much would it cost Google if its 60-month business strategy fell into the hands of Microsoft? In my view, in much the same way that Bill Belichick cheated to gain an advantage on the rest of the NFL for years, you better believe that Steve Ballmer would lick his chops if he could get his hands on Google's playbook.
Ponder this. When does the ubiquitous use of data and e-mail leak-prevention systems go from simply protecting yourself to building a China-like firewall around your organization where seemingly no e-mail can leave your gateway without being flagged, blocked, or vetted by management?