What Happens In The Clubhouse Doesn't Stay In The Clubhouse - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Healthcare // Analytics
Commentary
11/15/2005
11:58 AM
Mitch Irsfeld
Mitch Irsfeld
Commentary
50%
50%

What Happens In The Clubhouse Doesn't Stay In The Clubhouse

There is a code of conduct in professional sports dictating that what happens or gets said in the locker room stays in the locker room. Well, a quick scan of the sports headlines shows how closely that honor rule is followed. And the same holds true for corporate teams with the added problem of incidental and accidental information leakage. I've been on a bit of a harangue the last couple weeks about monitoring the internal flow of information for compliance policy violations, as well as the i

There is a code of conduct in professional sports dictating that what happens or gets said in the locker room stays in the locker room. Well, a quick scan of the sports headlines shows how closely that honor rule is followed. And the same holds true for corporate teams with the added problem of incidental and accidental information leakage. I've been on a bit of a harangue the last couple weeks about monitoring the internal flow of information for compliance policy violations, as well as the incoming and outgoing flow. And I'm happy to report that it seems several vendors are on the same page, understanding that there are threats that a typical firewall or security appliance are not going to detect, namely the internal data stores.

We recently saw Embarcadero Technologies offering database-monitoring software that it acquired with its buyout of SHC Ambeo Acquisition Corp., a privately held maker of database-security software. Embarcadero is selling two database tracking tools from Ambeo's product line: Activity Tracker, a database-auditing mechanism that monitors all user activity in real time, and Usage Tracker, which provides historical statistics on how data is being accessed and used.And check out a review of Imperva's SecureSphere database security gateway. The rack-mounted device provides assessment, auditing and protection of enterprise databases from the so-called SQL injection attacks. The product also is able to learn who should be doing what from where and enforce policies when the access falls out of norms.

And there are applications other than databases that fail to generate a required audit trail. To help keep tabs on Windows apps, Consul Risk Management added in version 6.0 of its InSight Suite a new automated security policy generator, a development toolkit that completes missing audit trails, and a user-definable filtering capability.

Another aspect of knowing what's going on inside the protected corporate walls is setting policies and auditing the internal message stream. Titus Labs rolled out a suite of compliance and messaging security tools that enforce policies on the classification, distribution, and retention of internal messages as well as those entering or leaving the network.

And another often-overlooked aspect of message compliance is the fact that proper and improper messages can be sent via many different communications protocols. CipherTrust yesterday rolled out its IronNet appliance for preventing compliance violations across multiple protocols, including e-mail, instant messaging, Webmail, blogs and FTP and other peer-to-peer services. The IronNet appliance enables administrators to incorporate unified policies across all messaging protocols and apply multiple enforcement options-including block, quarantine, alert or encrypt.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

News
Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
News
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
Slideshows
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll