Info from the trenches. Using DLP to Protect PII and Blog/Wiki Information

Sometimes I’ll have a conversation with my customers that is very relevant, and I’ll feel that it makes sense to pass the conversation on to others.

Last week was just such a case. I had a meeting with the CISO of a government agency and his staff. The conversation covered a number of topics, including Web 2.0 security and protecting sensitive information, including personally identifiable information (PII). I felt all of the conversation was valuable, but I thought that I’d cover the portion of the conversation related to blogging for this article.

The conversation revolved around blogging and wikis, both internal and external, and preventing sensitive information from being leaked from or by blogs and wikis.

Different scenarios were discussed, including blogs designed solely for internal use, blogs designed for external use, and blogs which receive content from external users.

Internal Blogs: Aren’t internal blogs and wikis, sitting behind the firewall with limited access, protected? Here’s the paradox! While the blogs themselves are protected, the data sitting on those blogs is now centrally located, and arguably more of a target. By setting up a permitted platform to allow information sharing, you’ve also set up a central repository of sensitive and valuable information.

You can protect the information found on internal blogs from exiting your organization in an inappropriate fashion by using data loss prevention (DLP) data fingerprinting on the underlying database. Adding fingerprints to the DLP database provides a way to identify wiki/blog data that is being used inappropriately (e.g., someone tries to email this data to an external party) and stop its transmission.

Blogs for external use: Data leakage to external blogs could be a problem as well, as authors mistakenly publish sensitive material to a public facing website.

DLP provides a way to identify and stop data deemed sensitive or personal in nature. By setting up a policy that monitors the blog web interface, an agency can minimize the risk of sensitive information being exposed accidentally.

Sensitive Data and PII Being Placed on Blogs from the Outside: In this scenario, users post information that compromises their own PII or sensitive information on an agency website. For example, a veteran uses a blog application and sends their SSN or medical records, not realizing that it would be exposed publicly.

In this case, the author’s comments are sent to a queue, pending acceptance from the publisher. DLP discovery could be used while this information is sitting in the queue, and if there is sensitive information, warn the publisher and other interested parties.
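As an added example that is not part of the original post, the following Python sketch combines the two DLP ideas above: fingerprinting internal wiki records as hashed word shingles (so the DLP store never holds the sensitive text itself) and running discovery over the moderation queue to flag pending comments that contain SSN-like values or fingerprinted internal content. The wiki records and queued comments are constructed sample data, and the shingle-hash scheme is an assumption standing in for a product's proprietary fingerprinting.

```python
import hashlib
import re

# Constructed sample: internal wiki records to fingerprint (hypothetical data).
INTERNAL_WIKI_RECORDS = [
    "Project Falcon budget allocation memo: FY contingency reserve details",
    "Contractor access list for the east campus data center",
]

# Constructed sample: comments waiting in the publisher's moderation queue.
MODERATION_QUEUE = [
    {"id": 1, "text": "Great post, thanks for the information!"},
    {"id": 2, "text": "My claim is stuck, my SSN is 219-09-9999, please help."},
    {"id": 3, "text": "Saw the contractor access list for the east campus data center leaked."},
    {"id": 4, "text": "Order number 000-12-3456 never arrived."},
]

SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")

def looks_like_ssn(area, group, serial):
    """Reject values that cannot be SSNs under SSA issuance rules (cuts false positives)."""
    if area in ("000", "666") or area.startswith("9"):
        return False
    return group != "00" and serial != "0000"

def shingles(text, n=5):
    """Normalised word n-grams: the unit of partial-document fingerprinting."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    return {" ".join(words[i:i + n]) for i in range(len(words) - n + 1)}

def build_fingerprints(records):
    """Store only SHA-256 hashes of shingles, never the sensitive text."""
    return {hashlib.sha256(s.encode()).hexdigest() for r in records for s in shingles(r)}

def scan_queue(queue, fingerprints):
    """Discovery pass over the queue: returns (comment id, reasons) for items to warn about."""
    findings = []
    for item in queue:
        reasons = []
        if any(looks_like_ssn(*m.groups()) for m in SSN_RE.finditer(item["text"])):
            reasons.append("possible SSN")
        if any(hashlib.sha256(s.encode()).hexdigest() in fingerprints for s in shingles(item["text"])):
            reasons.append("matches fingerprinted internal content")
        if reasons:
            findings.append((item["id"], reasons))
    return findings

FINDINGS = scan_queue(MODERATION_QUEUE, build_fingerprints(INTERNAL_WIKI_RECORDS))
```

Comment 4 is not flagged because an area number of 000 is never issued, which is the kind of validation that keeps a queue-scanning policy from drowning the publisher in false alarms.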

This was a good example of the conversations that I am having with our federal customers. My company provides practical solutions to difficult problems.

If you are interested in having a similar conversation regarding your agency’s information assets, please contact me at 410-740-3490 or paul@paulmisner.com
