Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts tagged with Data Loss Prevention (Vontu)
Showing posts in English
khaley | 27 Apr 2009 | 6 comments

 It’s happened to all of us, hasn’t it? You’re being driven to an important meeting. You prepare for the meeting by reading a top secret document, something related to national security. The chauffeur pulls up to the building and in a hurry to get to the meeting your grab your papers and portfolio and jump out of the car. Exiting the car you are greeted by the press. They take your picture. You give a brief wave and head into your meeting. Happens all the time. Unfortunately the top secret document you were carrying was sitting on top of your portfolio, in just the right position that most of the contents of the document can easily be read in the all photographs that were taken. Don’t you just hate when that happens to you?

Okay, maybe you can’t relate. You don’t have a chauffeur, top secret documents or even people other than your mom wanting to take your picture. Someone who can relate is Bob Quick, the former assistant...

Pamela Reese | 13 Apr 2009 | 0 comments

Are your employees stealing critical information as they leave your company? Symantec worked with The Ponemon Institute to find out. The results of our 2009 study may surprise you. 

Watch:  Symantec-Ponemon Data Loss Risks During Downsizing Study

Pamela Reese | 08 Apr 2009 | 1 comment

Data loss prevention (DLP) is a serious technology that addresses the serious issues around information risks. However, even serious topics can benefit from an injection of humor to help illustrate the issues. Please enjoy our third cartoon in the short series about The (Mis)Adventures of Dave L. Preston that tackles the importance of content discovery.

imagebrowser image

khaley | 01 Apr 2009 | 0 comments

Conficker; there has probably never been a virus or worms with so much written about it.  And now that’s it’s April 1st and the world has not come to an end, many people are no doubt questioning whether Conficker was a bust and nothing we didn’t needed to worry about, if the threat itself was over hyped, and it all the electronic ink spilled about this threat was worth it.  I’ll give you my opinion, but first a status update of Conficker.

April 1st has come and as predicted machines infected with Downadup.C have switched to the new communication algorithm.  But when these infected machines are able to communicate back to a Command & Control server they are not getting updated with a malicious code payload.  In other words, no large or small, malicious attack has been unleashed by Conficker.

So is Conficker a bust for the bad guys?  No.  One thing we can tell about this worm is that whoever is behind...

khaley | 31 Mar 2009 | 22 comments
Interest in the Conficker (or Downadup) is reaching a frenzied peak.  As media interest in this worm continues to rise, customers are asking if Symantec is ready for Conficker. The answer is a resounding yes.  Symantec customers are already protected (as long as they are running the latest AV and IPS definitions). This article provides a short overview of Conficker (Downadup) and the protection offered by Symantec products.
 
Background
Conficker first appeared in late 2008 as the first worm in the wild to leverage a newly reported vulnerability in Microsoft Windows’ Remote Procedure Call (RPC) service (MS08-067).  Symantec named the worm Downadup, but over time the popular name for this threat has become Conficker.  Symantec customers were quickly protected from the vulnerability with newly released IPS and AV signatures. 
 
In late November,  a new variant...
Pamela Reese | 30 Mar 2009 | 0 comments

A new study from the TheInfoPro and Symantec titled “Why Data Loss Prevention?” found that DLP is the top security initiative and pain point for Fortune 1000 companies. The findings are based on over 140 in-depth interviews with Fortune 1000 Information Security professionals about their key issues, budget priorities, and preferred vendors across a range of information security solutions.

Pamela Reese | 25 Mar 2009 | 0 comments

Data loss prevention (DLP) is a serious technology that addresses the serious issues around information risks. However, even serious topics can benefit from an injection of humor to help illustrate the issues. Here is our second cartoon in the short series about The (Mis)Adventures of Dave L. Preston that explores the insider impact on data loss.

imagebrowser image

Pamela Reese | 17 Mar 2009 | 0 comments

Data loss prevention (DLP) is a serious technology that addresses the serious issues around information risks. However, even serious topics can benefit from an injection of humor to help illustrate the issues. We have a short series about The (Mis)Adventures of Dave L. Preston and look forward to sharing future installments over the coming weeks.

The (Mis)Adventures of Dave L. Preston

Kevin Rowney | 01 Dec 2008 | 0 comments

Myth #5 – Classroom-format employee security education works

 

Origin

This is another well-documented "fact" found in security textbooks that turns out to be largely false.  No one would argue that its bad thing for employees to know the basics about compliance with state, federal, and enterprise regulations and policies. But what most practitioners don't realize is that basic classroom-format training has little measurable effect on employee-driven data loss rates.

 

What we see

We've run hundreds of DLP risk assessments at large enterprises.  In many of these engagements, we've scheduled the assessment in tandem with employee privacy training in an attempt to measure changes in behavior that the training might elicit.  Amazingly, we've never seen a single case of measurable decrease in the rates of data loss perpetrated by well meaning insiders after classroom-format...

Kevin Rowney | 01 Dec 2008 | 0 comments

Myth  #4 -- Encryption as a primary effective control against data loss

 

Origin

This myth has a long history since encryption technology predates the digital era.  Encryption, as the first choice of protection measures against data loss is, almost a sacred cow of information security trade craft.  Most practitioners simply take it for granted that encryption (and for that matter DRM) are basic forms of protection that should be your first choice of technologies to help prevent the theft of data.

 

What we see

Obviously, a large number of basic applications of encryption are vital and necessary protection measures.  Automatic protection of content via encryption is a fundamental security protection with well-established value.  Whole-disk encryption of laptops, basic channel security via SSL or VPNs, encipherment of database records...all of these have clear value.
 
However....