RealTime IT News

Your Data Can Get in but Can't Get Out

McAfee on Tuesday announced McAfee Data Loss Prevention (DLP) Gateway, a server gateway that ensures your data doesn't leave the network if it's not supposed to.

DLP Gateway, which sits at the server and network gateway layer, is a complement to the company's Data Loss Prevention (DLP) Host, announced in February, which is installed on the client side. As with DLP Host, Gateway allows administrators to apply defined tags to data to restrict movement.

For instance, if data were copied from a database and into an Excel spreadsheet or an e-mail document, an employee could not send it out of the company, because the tagging rules follow the data, not the original data file, according to Kevin LeBlanc, group product manager for DLP at McAfee .

DLP Gateway also helps protect against data removal on non-Windows devices, such as Macs, Linux machines, BlackBerries or USB thumb drives, because data tagged as "uncopyable" can't be copied to those devices.

In the case of the data theft at TJX earlier this year, LeBlanc noted, the DLP Gateway would have prevented it because the hacker who compromised TJX's systems left a Trojan that slowly bled off information. DLP Gateway would never let the data leave the TJX network.

"Today, without data-loss preventions in place, companies don't have the protection and control over their data," LeBlanc told internetnews.com. "The DLP Gateway says data can't leave the network. The phone-home mechanism of a Trojan or keystroke logger would be captured."

With the increasing frequency in data theft/loss stories, McAfee commissioned a survey by Datamonitor to determine the impact of data loss. The survey found 67 percent of the companies felt a data breach would damage their brand, and 30 percent felt they couldn't survive a breach.

Carl Banzhof, vice president and evangelist for McAfee, said companies fall into two camps: some lose data and don't know until it's too late, while others believe encrypting their data is enough. While most are accidental breaches, McAfee found 23 percent of the breaches were malicious, with the intent to steal intellectual property.

"Intellectual property is deemed most valuable, because people want to get access to this data to try and sell it for financial gain," he said.

He pointed to a case earlier this year where a Duracell employee stole battery designs and attempted to sell it to competitors. But they immediately reported the employee to Duracell and he was convicted of IP theft in February. There have been similar electronic thefts of the secret sauce at Coke and Pepsi.

McAfee Data Loss Protection Host is available now, and McAfee Data Loss Prevention Gateway will be available in May. Pricing will be announced around the time of availability.