May 4 2010
The NetFlow collection and analysis leader and the vendor of the StealthWatch System who provides flow-enabled security and network performance monitoring, Lancope, will showcase StealthWatch’s Suspect Data Loss alarm during the InfoSecurity Europe 2010.
This alarm is capable of warning organizations of potential data extractions irrespective of the encryption or protocol technique or the format of the data, thereby improving StealthWatch’s ability to safeguard against leakage of data and enhancing end-to-end visibility over virtual and physical networks. It can also work with unstructured data schemes usually utilized for storing private health information and identification numbers of employees.
Compared to this tool, other tools used to prevent data loss require visibility at the packet level for detecting social security numbers, credit card numbers, and employee identification numbers passing out of the network. This would need the deployment of expensive probes in the network, and manual configuration and maintenance which is expensive. StealthWatch does not need probes nor is it is required to be positioned inline in the network unlike the customary DLP tools; instead it gathers and examines the flow telemetry in a cost effective manner to provide visibility on both virtual and physical networks. It associates any network activity with a username to extend the visibility for improving the audit controls stipulated for regulatory compliance.
The StealthWatch empowers organizations to exercise more control over their networks and facilitates mitigation actions immediately when any breach is identified, ranging from initiating an in-depth analysis to block and prevent a particular transaction from going through to providing time for investigation. It is possible to modify baselines and blocking actions, as well as traffic amount threshold exceptions.
According to current studies, the average cost incurred by an organization for a data breach is nearly $7 million with this number predicted to continue rising. Most organizations accord top priority for the prevention of data loss. The alarm developed by Lancope is able to identify anomalous transfer of data in a network to the Internet. It detects unusual network behavior that indicates loss of data quickly and offers details on the involved users, the quantity of transferred data, the services utilized, and the duration of the communication, and whether the event is a recurring type. It is the only flow-enabled system that decreases loss of data and scales for monitoring global networks for network performance, virtual operations and security through one platform.
Lancope’s CTO Adam Powers informed that many organizations assign top priority to data loss prevention, more so when expenses due to the breach rise and stiff penalties are imposed by regulators where loss of customer records are involved.