IT has always had the charter to protect data. Most organizations spend the largest part of their security budgets on Firewalls, Intrusion Detection , and Anti-virus solutions. The real risk of security breach does not come through the front door, but through the back door and windows of an organization. Image building a house with a steel front door with dead bolts and a security alarms to alert you if someone enters that door without your permission. Now image the backdoor and windows of this same house with no locks of any kind, that wouldn't
make sense. This is how most organization protect their data, they install steel doors and dead bolts by installing firewalls, and they install security alarms by installing intrusion detection systems, while they leave the backdoors and windows of an organization without locks. Most organization have a mobile workforce that use Laptops, PDAs, Smart Phones, and Zip and USB drives. These mobile devices are the windows of an organization and are often not adequately protected. What happens if these devices are lost or stolen? The data on these devices can be easily obtained. The backdoors of an organization are their backup tapes. Most organization don't encrypt their backup tapes. The headlines are filled with stories of organizations who had backup tapes lost or stolen, these organizations exposed personal information, customer information or company intellectual property. The damage to some of these companies will never be repaired.

Good Article...did you know that Database insurance is currently available.

Companies of all sizes now have an insurance solution specifically designed to address most of these exposures.

Coverage Includes:

 Legal liability damages
 Defense costs
 Regulatory Action Expense
 Notification Costs
 Crisis Management expense
 Identity theft recovery assistance

The explosion of electronic data processing and transmittal as a daily part of business has dramatically increased the incidence of identity theft. More than 100 million Americans have had their personal information compromised since February 2005.

 Minimum Premium $1,000
 Maximum Limits $25,000,000

Visit us at www.databaseinsurance.com

Interesting, but overlooks two important aspects...

The focus of the analysis is on preventing sensitive information from leaving the organization - but real business depends on external communications with partners etc.

The type of research that says that losses are mostly accidental ALSO says that a lot of the losses occur while data is in the hands of trusted partners. A monitoring solution cannot realistically be applied to anyone's network but your own. After all, would you let anyone else monitor your network looking for sensitive information flows?

CIOs need a solution that also protects information when it is shared perfectly legitimately and necessarily with external parties, and that external parties will tolerate on their networks.

The 11th myth, arguably, is that the risk can be controlled by the traditional means of applying solutions within your own perimeter. Real business communication is no respecter of perimeters - so CIOs should be looking at Information Rights Management too. IRM enables your policies to be applied to external comms as well - and has powerful synergies with DLP for this reason.