Code Green banner NU banner
Tue, 06 January 2009


Information Leakage is a Significant Risk

 
0

Unauthorized disclosure of sensitive and proprietary information is emerging as a major factor that can potentially affect all three key corporate risk areas - reputation risk, compliance risk and operational risk. Organizations can lose hundreds of millions of dollars when sensitive, proprietary information is either maliciously or mistakenly posted to the Internet or emailed outside the organisation.

Key examples from public sources include:

  • Reputation Risk - ChoicePoint, a data brokerage company that sells information and data services to the insurance industry, government agencies, direct marketers, and other businesses leaked information in March, 2004 on 145,000 U.S. citizens. This resulted in $15 million in fines as well as significant loss in market capitalization.
  • Compliance Risk - Palm Beach County Health department inadvertently emailed a confidential list of 4,500 AIDS patients and 2,000 HIV-positive patients to 800 employees in February, 2005. This violated the Health Insurance Portability and Accountability Act, and could result in financial penalties.
  • Operational Risk - Cisco had its proprietary IOS source code posted on a public website in May 2004. Once proprietary code is exposed to attackers, it becomes considerably less secure and threatens a company's competitive position.

Code Green Networks Helps Mitigate Risk

Our Content Inspection (CI) Appliance™ mitigates all three types of risk by establishing a content protection shield around your company or organization. If someone transfers sensitive content via email or other network protocol, it is automatically detected and appropriate action can be taken. Incident records can be analyzed to reveal at-risk content and appropriate mitigation efforts taken to reduce future incidents - such as educating users or fixing a poorly designed business practice. The number of incidents are significantly reduced by implementing a phased approach of CI Appliance deployment as shown below:


0

Our 48-hour Content Risk Assessment enables you to take the first step in mitigating the risk associated with sensitive information disclosure. The assessment consists of a default set of policies, which monitor the outbound flow of content on your network over a 48-hour period. With this information, you can identify content protection "hotspots" within your organization and start implementing more specific policies to reduce your risk.
home | products | solutions | about | contact | support | newsletter | privacy
Networks Unlimited is the trading name for NU Network Products Limited, Registered in England and Wales.
Registered No: 2716629. Registered office: 5 The Colonnades, London Road, Pulborough, West Sussex. RH20 1AS. VAT Registration No. 587 8287 67