The Sarbanes-Oxley Act's (SOX) broad category of "assets" requiring protection includes digital assets such as computer program source code, trade secrets, corporate financial information, patient records, and any other category of sensitive information where unauthorised disclosures could may have a negative impact on the company's stock price or its financial integrity. Organisations are required to closely monitor the usage of those digital assets and be able to detect such events in real time or near real time.

Unauthorised disclosure of sensitive and proprietary information is emerging as a major factor that can potentially affect all three key corporate risk areas - reputation risk, compliance risk and operational risk. Organisations can lose hundreds of millions of dollars when sensitive, proprietary information is either maliciously or mistakenly posted to the Internet or emailed outside the organisation.

To protect confidential information, effective identity management and access controls are necessary, but not sufficient. They must be augmented with an inspection and enforcement capability that can actually monitor network traffic, detect unauthorised attempts to transfer confidential content and intercept them.

A recent article in the New York Times highlighted the risks associated with your employees using unmonitored WebMail services.

"A growing number of Internet-literate workers are forwarding their office e-mail to free Web-accessible personal accounts offered by Google, Yahoo and other companies. Their employers, who envision corporate secrets leaking through the back door of otherwise well-protected computer networks, are not pleased."
                                                      Firms Fret as Office E-Mail Jumps Security Walls
                                                      New York Times, January 11, 2007

In December, 2006, the Privacy Rights Clearinghouse reported that over 100 million records containing sensitive personal information had been involved in security breaches due to carelessness, accidents or flawed business processes. As financial services companies embrace the Internet more fully to service their customers and improve margins, the risks associated with data loss grow steadily.

In December, 2006, the Privacy Rights Clearinghouse reported that over 100 million records containing sensitive personal information had been involved in security breaches due to carelessness, accidents or flawed business processes. As financial services companies embrace the Internet more fully to service their customers and improve margins, the risks associated with data loss grow steadily.

The transformation of proprietary intellectual property (IP) Ð research findings, product designs, source code and process flows Ð into digital assets has enabled technology and manufacturing companies to speed innovation and dramatically reduce new product cycle times. However, this transformation, combined with the widespread use of outsourcing and Internet computing, has made companies extremely vulnerable to the unauthorized disclosure of proprietary IP by employee carelessness, poorly designed business processes or malicious industrial espionage.