Data Leaks

When Google accidentally distributed product plans and revenue projections in the notes section PowerPoint presentation in April 2006, the company’s market cap fell about $4 billion in days. Other organizations, including the White House, the United Nations, and Merck, had significant leaks of confidential data. These examples demonstrate that even the most sophisticated and technologically advanced organizations in the world are vulnerable to the so-called “insider threat.”

Confidential data loss can also be internal. Performance reviews have been emailed to the wrong person. Salary lists have gotten into the wrong hands.

Whether the leaks were accidental or intentional, the flow of confidential information must be monitored and controlled.

Out of the box, the InBoxer Anti-Risk Appliance comes with filters for identifying common private information. The personal content filter can identify personal information, such as social security numbers, telephone numbers, and California Driver’s License numbers. The system can then be taught by your staff or ours about your proprietary patient account formats and patient lists. Lists can be updated easily by your personnel.

Confidential information that is specific to the company can be registered with the system. For example, a list of confidential project names can be combined with a list of authorized email addresses. If a document or message containing the project name is sent to an internal or external address that is not on the list, an immediate alarm can be raised. Or a simple filter can be created to monitor documents marked as confidential, but ignores standard confidential disclaimers that cause false-positives in other products.

For urgent action, the InBoxer Anti-Risk Appliance can send an alarm or report when rule is violated. It can even send a message to the message author reminding them that such mail should not be sent in the future.