As businesses face greater scrutiny and more legal responsibility for the manner in which they handle sensitive data, organisations need to ensure they do everything they can to prevent the leakage of information. This means fully understanding the source of the most common breaches and having an automated system in place to enforce the relevant policies and thus plug those leaks.
If Gartner is to be believed, 70% of serious security incidents are caused by internal employees, thus traditional threat-centric defences such as intrusion prevention systems and firewalls are of little help in stopping this outflow of information. Gartner also says that the amount of data that leaks out of an organisation is a function of four different factors, namely, accessibility, significance, copyability and detectability. Some of the recent legislation, especially that which is associated with data privacy, has been directly focused on leak prevention, as the awareness of this problem by executives becomes more apparent and the seriousness of leaks is better understood.
Gartner categorises the content monitoring and filtering market, part of the scenario outlined above, as one in its adolescent phase, but one that is experiencing rapid growth. From an estimated worldwide market in 2006 of $50m, it predicts the 2007 market to be worth between $120m and $150m, more than double last year's figures.
Information leak prevention (ILP), a comparatively new category of data security policy enforcement solutions, is intended to address many of these issues and uses deep packet inspection technology to track and audit private content in-transit. ILP aims to specifically identify materials that are not in compliance with corporate data security policies and prevent their distribution. Information leak management (ILM) is much more than a super set of ILP products and should include a framework and methodology and the associated services that enables organisations to make decisions on how they should address and manage this inside threat.
One South African company, New Generation Solutions (NGS), a BEE company based in Midrand, addresses the ILM space and is providing the consultancy and services that enable organisations to identify these internal threats. It also offers a range of business-driven technology solutions.
The NGS team consists of a group of engineers who work with the client base and use the framework and methodologies that NGS has developed and evolved over the past years. The culmination of this joint activity is a set of recommendations and best practices that may include the installation of various software solutions, some of which may be sourced from other companies, despite NGS having strong and direct partnerships with many of the global players such as BioSlimDisk, Cyber-Ark, PerSay and Websense, including PortAuthority Technologies. NGS is also a reseller of the products from PGP and Tufin.
NGS's customer base includes organisations across both the private and public sector such as Edcon, MTN and Standard Bank. A few months ago NGS became part of the SecureData Holdings Group, although it continues to operate as a separate division.