To prevent confidential data from leaking out of your organization or getting stolen, your cyber security efforts have to be aimed at two areas: securing data-at-rest and securing data-in-transit (sometimes referred to as data-in-use). Data-in-transit is often secured by protocols that use the Advanced Encryption Standard (AES) and require encryption keys. But what about data-at-rest protection?
Inadvertently sending an attachment to the wrong email address and attaching the wrong file are both sources of data leakage. Adding password protection allows you to provide an extra layer of security when making ad-hoc file transfers.
Ever since amendments were made to the Federal Rules of Civil Procedure to introduce eDiscovery, litigants and litigators have been struggling to find better ways of handling the large volumes of electronically stored information (ESI) now frequently involved in lawsuits. For instance, many of our clients in the legal profession want to know how to reduce risk exposure when sending big files of ESI.
During the eDiscovery phase of civil litigation, lawyers may be given access to a lot of electronically stored information (ESI), some of which might be covered by certain laws/regulations. To avoid harsh penalties and preserve client confidence, attorneys must move to secure ESI, especially during file sharing, when the information can be exposed to a variety of threats.
Applying OpenPGP encryption to a file containing credit card numbers
In Part 1, we showed you how to configure DLP on a group directory in order to detect uploaded files that contained credit card numbers. Then in Part 2, we laid out the steps for sending an automatic email notification whenever such files were detected. This time, we're going to teach you how to protect those files using OpenPGP encryption.
If you followed the steps in Part 1, then you should now have a DLP-enabled group. That group directory will have the capability to detect files stored in it that contain certain credit card numbers. If a member of that group attempts to download such a file, the server will prevent the download from taking place and fire a "DLP rule matched" event. In the screenshot below, a user is prevented by JSCAPE's DLP from downloading a file containing MasterCard numbers.
A large share of all data security breach incidents involve non-malicious company insiders. In fact, Ponemon's "2013 Cost of Data Breach Study: Global Analysis" revealed that an astounding 35% of data security breaches in 2012 were simply caused by negligent employees or contractors. In a file transfer server, where multiple users can share a single folder, such incidents can easily happen.
There are a number of areas in JSCAPE MFT Server where regular expressions can be employed. The regular expressions in the DLP (Data Loss Prevention) module, for instance, play a crucial role in finding sensitive credit card numbers among data stored in your managed file transfer server. This will allow you to automate the tedious task of finding and protecting (e.g. by encryption) these sensitive data and help you comply with PCI DSS requirements.
Haven't yet found any compelling reason to deploy data security solutions like managed file transfer (MFT) and data loss prevention (DLP)? Looks like the European Union is about to give you one. If provisions in the leaked draft of the regulation for the new European Data Protection Directive get carried over into the final form of the law, EU companies as well as global companies that operate in EU member states will have to improve IT security in order to comply with the regulation or risk incurring heavy penalties.