Could DLP Have Saved Goldman Sachs from a Big Headache?By Lawrence Walsh | Posted 2009-07-16 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
A former Goldman Sachs programmer is accused of stealing proprietary software that gave the megabank a competitive advantage in the market. DLP probably couldn't have stopped the incident, but future versions that include identity awareness may just do the trick. Here's how.
Could data loss prevention technologies have prevented Sergey Aleynikov from allegedly stealing proprietary software from his former employer, Goldman Sachs? Perhaps yes. Perhaps no.
While Goldman Sachs was defying the death spiral engulfing other large banks and trading houses by posting a $3.4 billion third quarter profit, computer programmer Aleynikov allegedly transferred 32 gigabytes of proprietary code from the bank to a hosting service. The code accelerates trading transactions and enables quick high volume banking transfers. Authorities say the application gives Goldman a competitive advantage in the market and, if released, could have cost the bank billions of dollars.
While the exact means that lead to Aleynikov getting caught remains unclear, authorities have said that they traced the code back to his former work computer and to a server in Germany. DLP could have been used, but it would seem that a DLP system would have detected and stopped the data transfer. More likely that log management and forensics were the heroes in solving this mystery.
Data loss prevention (DLP) is often seen as the panacea for stopping the accidental or unauthorized release of data. However, current DLP remains more a work in progress than state of the art technology. Even the market leading products by companies such as Websense, Symantec, McAfee, RSA, CA and Trend Micro are limited to detecting mostly static data strings and content, such as Social Security numbers and credit card numbers.
The current race among security vendors is tying identity management to data loss prevention. The logic behind combining these two technologies is crystal clear: by knowing who is doing what, you can apply granular polices against the data the user accesses and transmit. And, if the user does something malicious or inappropriate, it’s much easier to prove the act.
Data protection - transactional data, customer records and intellectual property - is a major concern among CEOs and senior enterprise executives. According to a new study by the Ponemon Institute and Ounce Labs, 77 percent of enterprise CEOs says preventing cyberattacks and insider data leaks is important or very important.