Networking: Content filtering grows

A gullible young employee sends out a confidential document -- over the Internet -- that should have been sent only by overnight courier. A spy, hired by a rival firm, snags the file, with a packet-sniffing device, as it transitions from the corporate network to the Internet. Trade secrets are divulged, and the company is ruined. Experts tell United Press International's Networking column that corporations, both large and small, are seeking to stop "information leaks," like that, with outbound content filtering software.

"When critical data escapes, either intentionally, or accidentally, organizations face financial, legal and reputational costs," a spokesman for Fidelis Security Systems, based in Bethesda, Md., told Networking. "As a consequence, the outbound content filtering market is experiencing exponential growth."

As organizations choose to deploy network content control solutions to stem the unauthorized flow of confidential information, they have a number of architectural choices, said Trent Henry, senior analyst, at The Burton Group, an IT research firm, based in Midvale, Utah. "For some enterprises, it's preferable to avoid any potential network disruption by deploying a content filtering tool out-of-band. They don't necessarily want to give up remediation capabilities, though: so a flexible solution is a key consideration," said Henry.

One such solution being used on corporate networks is the latest version of Bethesda-based Fidelis Security Systems content filtering software. Officially known as extrusion-prevention software, the software is designed to fit into existing IT infrastructure, and prevent the unauthorized transfer of sensitive or critical information over a network. This includes e-mail, Web mail, FTP, instant messaging and even peer-to-peer communications.

The software scans all outbound documents. Pre-built policies use information profiles to prevent any sensitive information from "leaking," or being sent outside the company. The software can be programmed to include state regulations protecting personally identifiable information, prevalent in California, for example, or the Pentagon's data classification standards, or health regulations, and computer source code.

"The incidents of data leakage continue to grow and the market, brand, legal, operational and financial consequences can be significant," said Timothy Sullivan, chief executive officer of Fidelis.

Cupertino, Calif.-based Symantec last week announced that it had integrated some new features into its famed anti-spam software. The software now protects against inbound, as well as outbound, e-mail threats. One organization already using the software is the Brisbane Girls' Grammar School in Brisbane, Australia, which has 175 teachers and administrators and 1,150 students.

"Today's enterprises rely heavily on e-mail for both internal and external business communications," said Brian Burke, research manager for the market research firm IDC's security division, based in Framingham, Mass., adding that he believes organizations are looking for "comprehensive" solutions to the content management problem. In addition to setting policies, network administrators can use the software to regularly scan the networks, by keyword or expression, for more than 200 recognized file attachment types, including ZIP files, executables, spreadsheet and presentation file formats.

External threats are still valid - viruses, malware and the like, though there is an increasing recognition that insiders can cause all manner of problems for corporate IT security too, experts tell Networking.

Smaller companies, in particular, are looking for tools that can combine both scanning of outbound and inbound messages, so as to reduce their IT costs. A firm called eSoft, Inc. has developed an "intelligence" sharing program that allows small companies, throughout its customer base, to share information on the latest threats. This kind of collaboration can give the smaller firms access to information about IT threats that they may not previously have had. It may also level the playing field with potential network intruders, whether they be Eastern European cyber-criminals, or kooky kids in a college dorm. "IT managers at smaller companies have not had the ability to collaborate in an effort to strengthen their security posture, while at the same time hackers and malware generators have collaborated to amplify the effects of their exploits," said Jeff Wilson, a principal analyst at Infonetics Research, a market research firm.

Copyright 2006 by United Press International

Related stories:

First glimpse of a key DNA repair protein at work
Repairing breaks in the two strands of the DNA double helix is critical for avoiding cancer. In humans and other organisms, a molecular machine called the MRN complex is responsible for finding and signaling double-strand breaks (DSBs), then launching the error-free method of DNA repair called homologous recombination.
Outsourcing aids many data thefts, Verizon says
(AP) -- The reliance of restaurant chains and retail stores on outside companies to handle credit-card processing and other information-technology functions is partly to blame for a rash of consumer data breaches over the last few years, according to data sleuths at Verizon Communications Inc.
See what I see -- machines with mental muscle
(PhysOrg.com) -- The way we use and interact with machines is undergoing a profound change as computers are programmed to learn from experience and see more how we see. European research into machine learning is pushing back the boundaries of computer capabilities.
Google offeres up a new vision of computing's future
Tuesday, and it has little to do with desktops or laptops. It's a future that focuses on mobility, with access to the Internet - and the ability to search its vastness, of course - no matter where you are from a device that clips to your belt or sits in your purse. The Google phone has arrived.
Computers figuring out what words mean
The Internet got smarter this week with the release of a semantic map that teaches computers the meanings behind words -- and gives the machines a vocabulary far larger than that of a typical US college graduate.
Putting pictures into words
(PhysOrg.com) -- Visual images can contain a wealth of information, but they are difficult to catalogue in a searchable way. European researchers are generating and combining scraps of information to create a searchable picture.
Pervasive games promise to spice up daily life
(PhysOrg.com) -- In the movie The Game, the character is hounded by villains and left for dead in Mexico in an intense version of an alternative reality game. Minus the Hollywood bravado, games that merge the virtual with the real could be the next entertainment revolution, helped by European researchers.
Facebook makeover nettles some devotees
Facebook's new look became mandatory Wednesday in a shift to what the popular social networking website says is a faster, streamlined and more spam-resistant format that has some devotees in a state of rebellion.

News discussion:

Technology news