Over the last few years I have been in touch with many CTOs, and one recurring topic was: are you aware of what is happening in your network, with your data? The answers covered a wide range, from "yes, sure" (these are the people who pretend to know but do not have a clue about what is happening) to "no, we don't" (in most cases these people were aware of what is happening but were pretending not to know).
The first case: the people who pretend to know but do not have a clue about what is happening were not able to answer a single question from this scenario. You have a confidential document on a server: can you tell us how many users have accessed the document during the last month? The answer to this question was no, we cannot tell, even though they were aware of using several software products that should provide such information. Or something even easier: can you tell if the file has been copied to a removable device like a pen drive or MP3 player? The answer is again no, and the risk is real.
The second case: the people who were aware of what is happening but were pretending not to know were able to answer the first question. You have a confidential document on a server: can you tell us how many users have accessed the document during the last month? Yes, we are using the domain policy to audit file access from the network. That is the correct answer (more details in a new post). Now the second question: can you tell if the file has been copied to a removable device like a pen drive or MP3 player? No, because the auditing cannot tell whether the file has been copied to such a USB device, so in this case the risk is also real.
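As an added illustration (not code from the original post), the first question can be answered from an XML export of the Security log once file auditing is enabled. The sketch assumes the server records object access as event ID 4663 (Windows Vista / Server 2008 and later); the file path, account names and sample events are constructed.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
DOC = r"D:\Shares\Finance\budget.xlsx"   # constructed path of the confidential file

def _event(when, user, path, event_id=4663):
    """Build one trimmed Security-log record (constructed sample data)."""
    return (f'<Event><System><EventID>{event_id}</EventID>'
            f'<TimeCreated SystemTime="{when}"/></System><EventData>'
            f'<Data Name="SubjectUserName">{user}</Data>'
            f'<Data Name="ObjectName">{path}</Data></EventData></Event>')

SAMPLE = ('<Events xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
          + _event("2009-08-03T09:15:00Z", "alice", DOC)
          + _event("2009-08-17T16:40:12Z", "ALICE", DOC.upper())   # same user, case differs
          + _event("2009-08-28T11:02:45Z", "bob", DOC)
          + _event("2009-08-28T11:03:10Z", "FS01$", DOC)           # machine account
          + _event("2009-06-30T08:00:00Z", "carol", DOC)           # older than 30 days
          + _event("2009-08-20T10:00:00Z", "dave", r"D:\Shares\Finance\other.docx")
          + _event("2009-08-21T10:00:00Z", "erin", DOC, event_id=4656)  # not an access event
          + '</Events>')

def users_who_accessed(xml_text, path, end, days=30):
    """Return {user: event_count} for 4663 events on `path` in the last `days` days."""
    start = end - timedelta(days=days)
    hits = {}
    for ev in ET.fromstring(xml_text).findall("e:Event", NS):
        if ev.findtext("e:System/e:EventID", namespaces=NS) != "4663":
            continue
        stamp = ev.find("e:System/e:TimeCreated", NS).get("SystemTime")
        when = datetime.strptime(stamp[:19], "%Y-%m-%dT%H:%M:%S")  # drop fractional seconds
        data = {d.get("Name"): d.text or "" for d in ev.findall("e:EventData/e:Data", NS)}
        user = data.get("SubjectUserName", "").lower()
        # Windows paths are case-insensitive; skip machine accounts (name ends in $)
        if data.get("ObjectName", "").lower() != path.lower() or user.endswith("$"):
            continue
        if start <= when <= end:
            hits[user] = hits.get(user, 0) + 1
    return hits

if __name__ == "__main__":
    report = users_who_accessed(SAMPLE, DOC, datetime(2009, 8, 31))
    print(len(report), "users:", report)
```

The counts are audit events, not distinct opens, and nothing in these records says where the file's contents went afterwards, which is the gap the second question points at.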
Access to sensitive documents is something that any decent sysadmin should be able to manage, but there is a real risk that sensitive data leaves the network by email (we will have a post on this topic as well) or on USB storage. The product that we are working on, USB Safe Keeper, will be able to solve the problem that both our types of users are facing: can you tell if the file has been copied to a removable device like a pen drive or MP3 player? And the answer will be yes: user x on computer y copied the sensitive file to his iPod on Friday 31 August 2009. And this is a big plus for any organization.