Could DLP have saved Goldman Sachs from a big headache

In an article on Channel Insider, the author raises the question, Could a solid Data Loss Prevention product stopped the transfer of data from Goldman Sachs to a third part web hosting.

For those that don’t remember the whole story, a quick Google news search will be a quick refresher or from a New York Times article

“Mr. Aleynikov, who is free on $750,000 bond, is suspected of having taken pieces of Goldman software that enables the buying and selling of shares in milliseconds. Banks and hedge funds use such programs to profit from tiny price discrepancies among markets and in some instances leap in front of bigger orders.”

 

One key point of the article states

“DLP is often seen as the panacea for stopping the accidental or unauthorized release of data… Even the market-leading products by companies such as  Websense, Symantec, McAfee, RSA, CA and Trend Micro are limited to detecting mostly static data strings and content, such as Social Security numbers and credit card numbers.”

However this is not true within the Symantec DLP product.  Symantec acquired the market leader Vontu and rebranded it as Symantec DLP (for more information, drop me a note or visit their website). 

Symantec DLP can detect both structured and unstructured data based on the indexing technology it uses can track data such as source code, drawings or other intellectual property.

Let me give you an example of Symantec DLP protecting this type of data.  A client I was working with receives a PDF from subcontractors with payroll information on it.  This document needs to be either faxed in or brought in person, not emailed in.  Using the indexing technology of Symantec DLP, we indexed the PDF and created a policy saying if we saw X% of the PDF flag it as an incident.  We able to see several examples of this happening.

So there is the possibility of tracking unstructured data with Symantec DLP.

About these ads

3 thoughts on “Could DLP have saved Goldman Sachs from a big headache

  1. Pingback: Cstraining - Daily Healthy News Blog » Blog Archive » Could DLP have saved Goldman Sachs from a big headache « A …

  2. So are you saying that Goldman Sachs was NOT a Vontu customer? Because Goldman Sachs is listed on a Symantec/Vontu DLP sales presentation as a DLP customer. This ppt was dated Aug. 13, 2008, from http://www.icitfs.com/archive/2008/122.pdf
    One can only deduce from the presentation that Vontu/Symantec DLP was being used by Goldman Sachs and might have missed this one (or actually alerted Goldman to the IP having been stolen, but the damage was done). I guess that’s why detection accuracy is important when it comes to blocking.

  3. @suedell787

    Just re-read the article and I don’t think Symantec DLP/Vonutu was actually mentioned by name in the article.

    But yes detection accuracy is one of the most importatnt things

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s