Monday, April 30, 2007

Think *ACCIDENTAL* Leak Prevention

The other day there was some [as usually] fierce debate on leak prevention products on dailydave (started with this).

Here is a useful bit of insight that emerged from this discussion: if you think of such products as ACCIDENTAL leak prevention defenses, you will likely get over the intense desire to claim that "they are all hopelessly broken by design." This idea was inspired by this post , which said: "There is no doubt that these systems are evadable [...] Inadvertent data leakage is a different story [and can be managed effectively]."

Indeed, insider data theft is a MUCH more complicated problem than packet sniffing can ever be, but - you know what? - much more data "leaves the house" due to incompetence than malice, so these products are actually useful ... At this same time, if you think "buy a box - stop a dedicated insider from stealing your valuable data," you definitely need your head examined by a certified veterinarian :-)

Dr Anton Chuvakin