6 Days Left to Save $400 on SANS Security East 2016

Reading Room

Data Loss Prevention

Featuring 18 Papers as of August 24, 2015

  • Preventing data leakage: A risk based approach for controlled use of the use of administrative and access privileges Masters
    by Christoph Eckstein - August 24, 2015 

    Organizations invest resources to protect their confidential information and intellectual property by trying to prevent data leakage or data loss. They adopt policies and implement technical controls to stop the loss and disclosure of sensitive information by outside attackers as well as inadvertent and malicious insiders. They follow best practices like the Critical Security Controls, specifically Control 12 (Controlled Use of Administrative Privileges) and Control 17 (Data Protection), to prevent the unauthorized leakage and disclosure of sensitive information. One type of data loss or data leakage prevention controls includes endpoint protection solutions to stop file transfers to USB storage devices or file uploads to public websites. However, the larger and more complex the business and organization the more users that may be granted exceptions to these policies and controls in order for them to be able to fulfill their job related tasks. The approval of these exceptions is often solely based on the business need for the individual user. This raises the question of how an approval for an exception does influence the risk of data leakage for an organization? What is the specific data leakage risk for granting an individual user a certain exception? This paper presents a new approach to risk based exception management, which will allow organizations to grant exceptions based on inherent data leakage risk. First, this paper introduces a concept for evaluating and categorizing users based on their access to sensitive information. Then in the second step, a ruleset is defined for granting exceptions based on the categorization of users, which enables individual approvers to make informed decisions regarding exception requests. The overall objective is to lower the data leakage risk for organizations by controlling and limiting exceptions where the access and thereby potential loss of information is the highest.

  • The What, Where and How of Protecting Healthcare Data by Kelli Tarala and James Tarala - April 6, 2015 

    Mitigating healthcare data-loss risk by understanding the What, Where, and How of Protecting Healthcare Data.

  • Data Breach Preparation by David Belangia - March 16, 2015 

    Home Depot experienced the second largest data breach on record. ("Home Depot data breach affected 56M debit, credit cards", 2014) It started in April 2014, but Home Depot did not become aware of the problem until September 2 when law enforcement and some banks contacted them about signs of the compromise.

  • Modeling Security Investments With Monte Carlo Simulations Masters
    by Dan Lyon - September 24, 2014 

    Technical leaders and architects are frequently the interface from sponsors and management into projects.

  • Data Encryption and Redaction: A Review of Oracle Advanced Security Analyst Paper
    by Dave Shackleford - September 15, 2014 

    A review of Oracle Advanced Security for Oracle Database 12c by SANS Analyst and Senior Instructor Dave Shackleford. It explores a number of the product's capabilities, including transparent data encryption (TDE) and effortless redaction of sensitive data, that seamlessly protect data without any developer effort from unauthorized access.

  • Protecting Small Business Banking by Susan Bradley - July 22, 2013 

    Over the last several years, the use of online banking and other financial transactions have risen dramatically.

  • Information Risks & Risk Management by John Wurzler - May 1, 2013 

    In a relatively short period of time, data in the business world has moved from paper files, carbon copies, and filing cabinets to electronic files stored on very powerful computers.

  • People, Process, and Technologies Impact on Information Data Loss by Paul Janes - November 9, 2012 

    Organizations have always had contend with issue of data loss; however, with the advent of the computer and worldwide connectivity, the problem has become magnified.

  • Oracle Data Masking Analyst Paper
    by Tanya Baccam - January 4, 2012 

    This review of Oracle Data Masking, investigates the process of implementing and using data masking to mask specific confidential data types within Oracle Database 11g.

  • The Risks of Client-Side Data Storage by Edwin Tump - May 16, 2011 
  • One Touch Disaster Recovery Solution for Continuity of Operations by Rajat Ravinder Varuni - May 28, 2010 

    In this publication I present a solution where information is available during or following a disaster.

  • Data Protection Requirements Analyst Paper
    by Barbara Filkins - July 20, 2009 

    An interactive Data Protection Requirements Worksheet to map business needs against technological challenges.

  • Data Protection Requirements Checklist Analyst Paper
    by Barbara Filkins - July 10, 2009 

    A Prospective Vendor Checklist will help organizations map business needs and procure technical solutions.

  • SANS Review: McAfee's Total Protection for Data Analyst Paper
    by Dave Shackleford - June 2, 2009 

    McAfees Data Protection suite, Total Protection for Data, allows several data protection tools to work in tandem.

  • The Business Justification for Data Security by Securosis - February 10, 2009 

    In the information security world we face two major types of threats: noisy threats which directly interfere with our ability to do business and quiet threats which cause real damage, but dont necessarily prevent people from doing their jobs. Noisy threats such as viruses, worms, and spam; attack both networks and systems, and clearly disrupt productivity and business operations. With highly visible (and often very annoying) attacks, its easy to justify investments to curb their impact. When the CFO see hundreds of spam messages in his inbox, hes very likely to fund an anti-spam solution.

  • Data Loss Prevention by Prathaben Kanagasingham - September 5, 2008 

    Data breach has been one of the biggest fears that organizations face today. Quite a few organizations have been in the news for information disclosure and a popular recent case is that of T.J.Maxx. While DLP is not a panacea to such attacks, it should certainly be in the arsenal of tools to defend against such risks.

  • Data Leakage Landscape: Where Data Leaks and How Next Generation Tools Apply Analyst Paper
    by Barbara Filkins, Deb Radcliff - April 19, 2008 

    This paper maps data leakage points with regulations and best practices and tools to protect critical data.

  • The Mechanisms and Effects of the Code Red Worm by Renee Schauer - September 12, 2001 

    This paper addresses the vulnerability that was present in Microsoft Internet Information Services (IIS) web server software and the worm, Code Red, which exploited this vulnerability.

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

All papers are copyrighted. No re-posting or distribution of papers is permitted.

Masters - This paper was created by a SANS Technology Institute student as part of their Master's curriculum.