Today’s Sydney Morning Herald tells the story of online fashion business Showpo suing a former employee, now working for competitor Black Swallow, for the alleged theft of its 360,000-strong email direct marketing (EDM) list.
MailChimp manages the EDM and has provided activity history that allegedly shows the former employee’s password was used to access the EDM list, which was then exported to her home IP address.
Regardless of the event and the potentially expensive and lengthy legal outcome, the damage has been done. It is timely to remind readers that data loss prevention (DLP), or alternatively a secure file management platform approach, is becoming a mandatory part of business security – to use another acronym, DRM (Digital Rights Management).
It boils down to risk. If the risk of a competitor gaining your EDM would seriously affect your business, you need a DRM solution. If a competitor gets hold of your IP or sales/pricing documents – ditto.
There is the age-old problem: if you lock things down too tightly, it affects productivity; if you use passwords for sensitive data or folders, all it takes is one password leak and that protection is useless. What is worse is that passwords are often not changed quickly, if at all, when an employee leaves with the keys to the castle.
Two products come to mind – BlackBerry’s Workspaces (formerly WatchDox) and Symantec’s DLP (Data Loss Prevention). Both rely on establishing what constitutes sensitive data and policies for its access, distribution, and use. Both realise that mobile BYOD devices are now repositories of much sensitive corporate data. The two take different approaches.
Workspaces is the rework of WatchDox, which BlackBerry acquired in mid-2015, and it is part of BlackBerry’s metamorphosis from a secure smartphone company to a secure software company.
Moti Rafalin, WatchDox chief executive, said back in 2011, “WikiLeaks, as well as numerous smaller document leakage incidents, have raised awareness for the need to better secure documents as they are shared inside and outside of the organisation. Legacy enterprise digital rights management and data loss prevention products are failing to address the problem, and enterprises are realising documents need to be seamlessly protected and controlled wherever they go.”
Workspaces builds on the WatchDox raison d'être (or should that be reasonable deterrent) to securely share documents among employees and other authorised individuals. When those files leave the corporate circle of trust — for example, to be sent to someone outside the organisation — the security goes with them.
Rebecca Bradburne, head of Asia Pacific & Japan, BlackBerry Workspaces, said, “Showpo’s security breach is not an isolated incident. Companies need to start recognising the danger that comes from within. We see that businesses have put systems in place to protect data inside an organisation, but as soon as data leaves the four walls they are powerless to stop a breach. This makes them a sitting duck to attacks."
“Now is the time for businesses to get smarter about the technology they use and the policies they have in place. BlackBerry Workspaces gives organisations the ability to maintain control over all corporate information in all circumstances. Workspaces allows companies to revoke access to data at any point, protecting information when it leaves the organisation. By implementing these types of technologies, Showpo could have avoided a breach and the implications it will have on the organisation’s reputation,” she added.
Security is more than just IT and passwords – it needs to be viewed holistically by businesses. Without both a robust security policy and the right technology in place, these kinds of high-profile breaches will become more and more common.
Symantec has been in DLP for a little longer (since 2006) and is a leader in Gartner’s Magic Quadrant.
According to Gartner, “Data loss prevention is currently experiencing a renaissance through a ‘second wave’ of adoption. What’s driving this need for data loss prevention? It is all about the data as organizations of all sizes and in all industries experience breaches. While DLP is not designed to be a silver bullet, it provides a key layer of data visibility needed to detect and respond to security incidents. And unlike other security controls, it can recognize the difference between a well-meaning insider and a malicious insider. This is why DLP is now considered a foundational technology that should be in every security leader’s toolbox.”
Symantec’s mantra is “data-aware defence”: wrapping tools around different data types and environments, including the cloud for email, apps, and storage. It uses an extensive “discovery” process made up of file type detection (330 types automatically recognised); content matching, e.g. identifying things like credit card numbers; exact data matching and blocking; indexed document matching, including a full file fingerprint (useful for unstructured data like documents, spreadsheets etc.); and machine learning.
Once discovery is done, it monitors all use and builds a profile of policies that protect data in motion consistently across the whole environment, including on-premise, cloud, and mobile. Its DLP covers application control, device control, automatic data classification, storage control and backup, sovereignty of data, ID management, malware/ransomware encryption protection, malware data exfiltration, and more.
Speaking with both BlackBerry and Symantec, it appears that the renewed interest in DLP spans small businesses like Showpo through to enterprise level – all must put a value on the data they have, protect it, and comply with new breach legislation and things like PCI-DSS.
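The content matching and exact data matching described above can be sketched in a few lines. This is an added example, not Symantec's or BlackBerry's code: the hashed index, the `edm_threshold` parameter, the function names and all sample data are assumptions made for illustration.

```python
import hashlib
import re

# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: rejects digit runs that only look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)  # double every second digit from the right
        total += d - 9 if d > 9 else d
    return total % 10 == 0


def fingerprint(value: str) -> str:
    """Normalise, then hash, so the index never holds protected values in clear."""
    return hashlib.sha256(value.strip().lower().encode()).hexdigest()


def build_index(protected_values):
    """Exact-data-matching index built from a protected list (e.g. a mailing list)."""
    return {fingerprint(v) for v in protected_values}


def scan(text: str, index: set, edm_threshold: int = 2) -> dict:
    """Inspect one outbound message or export and decide whether to block it."""
    cards = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            cards.append(digits[-4:])  # report the last four digits only
    emails = set(EMAIL_RE.findall(text))
    hits = sum(1 for e in emails if fingerprint(e) in index)
    # A single known address is normal traffic; several at once looks like a list export.
    return {"card_last4": cards, "edm_hits": hits,
            "block": bool(cards) or hits >= edm_threshold}


# Constructed sample data (not from the article); 4111... is a standard test number.
INDEX = build_index(["alice@example.com", "bob@example.com", "carol@example.com"])
SAMPLE_EXPORT = "Alice@Example.com,bob@example.com,dave@example.org\nref 4111 1111 1111 1111"
SAMPLE_BENIGN = "Order 1234567890123456 shipped to dave@example.org"

if __name__ == "__main__":
    print(scan(SAMPLE_EXPORT, INDEX), scan(SAMPLE_BENIGN, INDEX))
```

The threshold is what separates an ordinary email mentioning one customer from a bulk export of the protected list; tune it to the size of the data set being guarded.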
Bradburne sums up for Workspaces: "Because it is cloud based — pay as you go — it is instantly available from one seat to thousands. It is part of BlackBerry's culture to inject a security first culture into every organisation, regardless of size."
Symantec sums up for its DLP: "Now we have a cloud offering, our products are suitable from small business to enterprise - both on and off-premise."