Tuesday, October 19, 2010

How Does Sensitive Data Leave Your Network?

This post references the Verizon 2010 Data Breach Investigations Report.

Malware

Malware factored into 38% of 2009 cases and 94% of all data lost. Malware is loaded onto the network by various methods that constantly evolve to keep pace with network security. The main goal of malware is to collect sensitive information without being discovered. Once collected, the data is used in many different ways. In many cases, the data is sent out of the network and back to the host computer. If the company has network monitoring software active, it can distinguish between valid and invalid outbound traffic.

Employee Misconduct

Employees play a major role in data leakage. Whether the motive is financial gain, direct harm to the company, or both, it is important that employee network usage is monitored. Simple internet surfing by idle employees could lead to malware being installed on the corporate network. Records of websites visited, with exact reconstruction, are the first step in damage control if a breach occurs.

The Verizon report states, "We advocate paying attention to what goes out of your network and what changes take place within your systems." Additionally, it states that any periodic, odd-sized, trending, or otherwise suspicious outbound activity is grounds for investigation. This can be accomplished with many tools, but often a simple traffic analyzer will not let you capture the actual files that are sent out of the network.
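The report's "periodic" and "odd sized" criteria can be checked directly against outbound flow records. The Python sketch below is an added example, not part of the original post or of any product it names; the flow records, host names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, median, pstdev

# Constructed flow records: (unix_time, internal_host, destination, bytes_out)
FLOWS = [(t, "ws-12", "203.0.113.50:443", 512)          # check-in every ~300 s
         for t in (1000, 1302, 1599, 1901, 2200, 2498, 2801, 3100)]
FLOWS += [(t, "ws-07", "198.51.100.20:443", n) for t, n in  # irregular browsing
          ((1010, 1800), (1090, 2400), (1900, 900),
           (2050, 3100), (3300, 1500), (3350, 2200))]
FLOWS += [(t, "ws-03", "192.0.2.77:443", n) for t, n in     # one huge upload
          ((1200, 2000), (1500, 1700), (2700, 48_000_000))]


def periodic_pairs(flows, min_events=6, max_cv=0.1):
    """Return {(host, dst): mean_gap_seconds} for pairs whose connection
    intervals are nearly constant (low coefficient of variation)."""
    times = defaultdict(list)
    for ts, host, dst, _ in flows:
        times[(host, dst)].append(ts)
    hits = {}
    for pair, stamps in times.items():
        if len(stamps) < min_events:
            continue  # too few events to call anything periodic
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            hits[pair] = round(avg)
    return hits


def odd_sized(flows, factor=20):
    """Return flows whose outbound byte count exceeds factor x the median
    outbound size (a crude baseline; the factor is an assumed threshold)."""
    typical = median(f[3] for f in flows)
    return [f for f in flows if f[3] > factor * typical]


if __name__ == "__main__":
    for (host, dst), gap in periodic_pairs(FLOWS).items():
        print(f"periodic: {host} -> {dst} every ~{gap}s")
    for ts, host, dst, size in odd_sized(FLOWS):
        print(f"odd-sized: {host} -> {dst} sent {size} bytes at t={ts}")
```

Flow metadata like this shows which host and destination to investigate; it does not contain the transferred files themselves.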

NetSentry Live undetectably monitors network Internet traffic and captures, reconstructs, and stores original content in a searchable database. With its real-time alerts, NetSentry can provide the insight to identify both who is behind suspicious or malicious Internet activity on your network and when it happens. Never before has a network monitoring and forensics tool been so powerful and so easy to use as NetSentry. Adding NetSentry Live to your DLP strategy gives your business a best-in-class tool that produces the complete evidence when the leak happens.
