|
|
|
|
|
Websense Plans to Deal with Sensitive Data Loss
By
Arun Pegu
New Delhi, May 14, 2008
In an exclusive interview with ChannelTimes, Surendra Singh, regional director (SAARC and India) of Websense, speaks about new generation of security solutions and challenges arising out of outbound data loss of an organization to Arun Pegu. Excerpts...
What kind of security support are you providing to the customers to protect their organizations from most critical assets - their websites, brands and web servers?
As the security industry has recognized the shortcomings of its different solutions, a new generation of security solutions is shipping with promises of broad visibility and control. These new tools shift the protection emphasis - from guarding enterprise infrastructure (from inbound attacks) - a model suited to perimeter boundaries and the Internet as a content resource - to guarding essential information from outbound data loss, in tune with Web 2.0 and the Internet as a business platform. Websense essential information protection embraces the challenges arising out of outbound data loss for organizations.
Websense solutions first identify early threat across email and web channels, and provide real-time identification and blocking of high-risk websites. Next, highly accurate data identification occurs on the enterprise premise and across the Internet, through lexical analysis, pattern detection, statistical analysis, natural language processing, and actual data fingerprinting. By combining these techniques, Websense provides classification and identification of Internet data, plus the data and threat understanding required to protect enterprises from data loss. It also provides Internet context for the Websense data, email, and web security solutions.
Websense protects essential information against cross-channel, blended, dynamic Web 2.0 threats. Enterprises and small to medium businesses get integrated web, messaging, and data security solutions, which make their organizations safer, more productive, and more efficient.
As the number of Internet users continues to increase, the web becomes an increasingly more attractive target for hackers, spyware and virus writers? What is Websense doing on this front particularly?
Faced with increased challenges related to different forms of malicious activity in the wake of Web 2.0 threats, today's security solutions need to protect essential information with a range of overlapping content inspection and data loss prevention. Understanding these challenges, Websense has strategically shifted the protection emphasis from inbound attacks only to a more holistic model of protecting outbound data loss, keeping the Web 2.0 and evolving interactive nature of the internet in perspective.
Websense harnesses precise classification and Internet related security threats through an advanced policy framework, which considers the user, the data, and the Internet together - to adapt rules to business workflows while maintaining appropriate usage controls. Fingerprinting establishes a lasting association of policies with data, despite standard business procedures that modify that data. A unified policy view simplifies visibility, enforcement, and reporting across activities and channels and improves consistency of enforcement.
Websense detects - who are authorized to access specific websites, sensitive content or applications? What data is critically important to the organization and must be protected from accidental or intentional leaks? How users are allowed to communicate sensitive data, and how online resources can be used more safely and productively by the organization? Where are users allowed to go online, and where can sensitive data be sent safely?
What role does Websense play in a multilayered approach to building and maintaining an effective Web-Security and End Point Security solution?
Most existing security tools offer merger protection. Over and above their high operating costs, point solutions fall short for several reasons. Changes in Internet technologies make it possible for criminals to target essential information and invite accidental disclosure. Today's commercial crime rings bypass point solutions through attacks that combine spam, email, and application channels in cross-channel techniques. Many thieves also take advantage of the lax security and freewheeling nature of Web 2.0 sites to install malicious code, key-logging software, and Spyware.
Since these techniques can be buried in otherwise innocuous websites, they will not be noticed by simple, high-level blocking based on primitive signature and database-driven filtering. Without the precision to match the legitimate business needs of different users and organizations, many point solution do more to prevent business than enable it. Frustrated organizations and users often circumvent these tools, or their blocking rules are tamed to the brink of irrelevance.
Today, not only have email and Web applications converged, today's interactive Web communities are very different from the world of informational sites in simple content categories. Web 2.0 uses dynamic programming to build unique Web pages that present different content to suit the moment, history, and attributes of the user. This web is not just about the coffee break visit to MySpace, but about commercial sites-Wikipedia, LinkedIn, YouTube, and Google-that support legitimate research. These sites may be benign, or they can ensnare users into revealing sensitive data.
Do you adapt some product strategy to provide protection from Spyware, bot networks, phishing attacks and other malicious threats at the gateway, network and desktop?
Today's commercial crime rings bypass point solutions through attacks that combine spam, email, and application channels in cross-channel techniques. Many thieves also take advantage of the lax security and freewheeling nature of Web 2.0 sites to install malicious code, key-logging software, and spyware. Since these techniques can be buried in otherwise innocuous websites, they will not be noticed by simple, high-level blocking based on primitive signature and database-driven filtering.
Websense harnesses precise classification and internet related security threats through an advanced policy framework, which considers the user, the data, and the internet together to adapt rules to business workflows while maintaining appropriate usage controls. Fingerprinting establishes a lasting association of policies with data, despite standard business procedures that modify that data. A unified policy view simplifies visibility, enforcement, and reporting across activities and channels and improves consistency of enforcement.
Through your expertise in Security Labs, how do you discover new high-risk threats such as Microsoft WMF and web sites using the Sony DRM exploit?
Websense Security Labs monitor and alerts enterprises on today's advanced internet threats. It enables organizations to protect employees' computing environments from increasingly sophisticated and dangerous internet threats.
Do you provide any timely product information updates to your customers, and are you providing protection within the minutes of the discovery of a new threat?
Websense Security Labs (WSL) discovers and investigates internet threats, researches and classifies them, and publishes timely product and information updates to the security community and Websense customers to support them in securing their infrastructures. Websense Security Labs' worldwide network of computers provides global, 24 x 7 analysis of the web. Over 450 million sites per week are mined and analysed through automated data mining and human analysis processes. Additional websites and applications come through the Websense patent pending WebCatcher and AppCatcher customer feedback loops while security researchers continually monitor newsgroups, chat rooms, security websites, and online forums for the latest vulnerability releases and proof-of-concept exploits. Websense Security Labs proactively discovers and immediately protects against new web-based threats.
According to the Websense Web - Work Survey, 2006- in fact, 14% of IT decision makers said they are very or extremely concerned about compliance with regulation around the loss of intellectual property. Where is your company's stand as per the loss of intellectual property is concerned?
As enterprises increase their use of the Internet, they spur the invention of new, more targeted threats in a vicious cycle. While once thieves attacked from the outside, attackers now rely on internal employee or partner error. Converged communication channels and Web 2.0 techniques provide new ways to entice essential information to be sent outside the enterprise, often without the user even knowing. Of course, misspelled email addresses and auto-fill will still cause accidental information losses, and disgruntled or avaricious employees will find ways to steal or broadcast information. Security challenges are additive; that is why security solutions must evolve.
Data loss prevention (DLP) tools offer great promise to protect loss of intellectual property. They attempt to address the two key problems of identifying where sensitive data is at risk in the organization and how the data is leaving the organization. They accomplish the first by identifying the sensitive data at rest. They accomplish the latter by protecting against transmission of confidential and regulated data out the organization through Internet communication or endpoint applications, including use of removable media. These capabilities truly complement Web and email security tools to meet today's challenges. They provide visibility into data flows across and out of the organization. Many enterprises can benefit from even basic visibility into how their data is being used and what regulations or standards may apply to that data. However, that is just a start. Before they can be effective, without disrupting the business, DLP solutions must understand enterprise data with deep accuracy, as well as understanding the risk and business processes that surround that data.
With the proliferation of so many products, customer confusion can and will occur. To win in such a hypercompetitive market (excited and anxious), to stand out, do you think prices factor, performance, the mix of security functions is more important than manageability, security knowledge services and security interoperability?
Enterprises today are demanding highly optimized web and email security solutions with accuracy, ease of manageability and that too at competitive prices. Manageability of security solutions at a competitive cost is no more an issue with the availability of hosted security services. Hosted email and web security offers a number of advantages for organizations of all sizes, including reduced cost of ownership compared to on-premise solutions, easier management of security capabilities, and the highest level of protection from threats possible since hosted providers bear the brunt of all security threats and have a highly robust set of capabilities than most organizations could afford to deploy, customers are insulated from the growing array of problems launched against them by adopting a hosted model.
Websense is already positioned as a revenue leader in the SCM (Secure Content Management) market. To what extent does Websense offer superior manageability with its products, as well as to provide multilayered approaches to build and maintain the security infrastructure?
Websense is the market leader in Web security and a technology leader in the prevention of internal information leaks, with 26 million users worldwide. It holds more than half of the market share in India's web content filtering market. According to Frost and Sullivan, Websense is the single largest player with 59% market share in the web content filtering market for 2005.
What is ThreatWatcher and how does it provide Websense customers with a hacker-eye view of their web server, reporting on risk levels and recommended action through a web-based portal?
ThreatWatcher provides Websense Web Security Suite customers with a 'hacker's - eye - view' of their web servers, regularly scanning for known vulnerabilities and potential threats, and reporting on risk levels and recommended actions through a web-based portal. With ThreatWatcher, organizations can prevent attacks on their web servers before they can happen.
Related Link
Websense Rolls out Data Discovery Solution
|
Disclaimer |
UNML and its sites:
www.channeltimes.com, www.techtree.com
and www.cxotoday.com provide
Comments and discussion boards as a professional medium
for the various businesses of the IT industry to discuss
business problems. Gossip, personal attacks and unsubstantiated
charges are prohibited. Messages posted on this Web site
as discussion threads or Comments (Content) are solely the
opinions of their creators and do not necessarily reflect
the opinions of UNML or its sites
www.channeltimes.com, www.techtree.com
and www.cxotoday.com.
All individuals who post material to this web site are solely
responsible for all Content that they upload, post or otherwise
transmit via the Web Site. |
| UNML
cannot vouch for the authenticity of the user or company
names or e-mail addresses associated with posted messages.
Under no circumstances will UNML
or ChannelTimes
be liable in any way for any Content, including, but not
limited to, for any errors or omissions in any Content,
or for any loss or damage of any kind incurred as a result
of the use of any Content posted or otherwise transmitted
via the Bulletin Boards. |
| UNML
reserves the exclusive right to edit or remove messages
containing inappropriate language or other material that
could be construed as libelous, potentially libelous, or
otherwise offensive or inappropriate. Discussion forums,
bulletin boards and chat facilities are provided by UNML
solely for the convenience of those who make use of the
service. UNML does not endorse the products and services
or other offerings mentioned in messages. |
|
|
|
|
|
