Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

BCS ITNow 201403 - Data Loss Prevention

127 views

Published on

Gareth Niblett, Chairman of the BCS Information Security Specialist Group, says data loss prevention is about sharing information securely.

Published in: Data & Analytics
  • Be the first to comment

  • Be the first to like this

BCS ITNow 201403 - Data Loss Prevention

  1. 1. DLP is often thought of as a technology that simply stops all unauthorised information flows once it has been installed. In reality, DLP should be part of information life cycle management and focus on ensuring organisations can share the information it needs to, both internally and externally, in a correct, accountable and secure manner. Data loss is then also prevented as a beneficial by-product. Even well funded and resourced organisations can find this challenging in practice, especially against a motivated insider, such as in the case of Edward Snowden and the NSA, as although external barriers may be strong, internal ones are often weak. Without all-encompassing policies and procedures, no amount of technology can completely counteract inadvertent or deliberate exposure and exfiltration of information and data. To enable robust inter-organisational collaboration, we need common policies for identity proofing and verification (IPV) of organisations, people and devices, issuance of credentials, authentication, authorisation so that interoperability can be obtained. One leading initiative is the non-profit organisation British Business Federation Authority (BBFA) (federatedbusiness.org) that is working towards enabling such federated trust. BBFA is working with both private and public sector organisations towards standards-based and interoperable IPV, strong authentication and authentication, federation and PKI bridge policies, procedures and mechanisms, as it INFORMATION SECURITY recognises that without these no technology can meet the real needs of customers and end users. BBFA is also involved in secure information sharing initiatives, such as the HMG Cyber Information Sharing Partnership (CISP) and Multinational Alliance for Collaborative Cyber Situational Awareness (MACCSA). www.bcs.org/security Gareth Niblett,Chairman of the BCS Information Security Specialist Group, says data loss prevention is about sharing information securely. Information Security Specialist Group (ISSG): www.bcs-issg.org.uk Information Risk Management and Assurance Specialist Group: www.bcs.org/groups/irma BCS Security Community of Expertise (SCoE): www.bcs.org/securitycommunity FURTHER INFORMATION DATA LOSS PREVENTION doi:10.1093/itnow/bwu011©2014TheBritishComputerSocietyImage:Photodisc/83397711 24 ITNOW March 2014 IT innovator There’s an that doesn’t sell anything, make anything, but protects everything. Technology with a purpose Nowhere on the planet does technology like we do. It’s a bold assertion.And one you’ll only ever truly be able to verify by joining us. But believe it when we That’s why we need Architects who are as excited by the courage to innovate and pioneer.We’re breaking delivered for the sake of national safety. Join us and you could too. Have you got what it takes to be an MI5 architect? Find out at www.mi5.gov.uk/careers Enterprise Architects Solutions Architects Technical Architects

×