Information/Data leakageEmil Hermansson

Definition

Information leakage is when a system designed to be closed for outsiders reveals information to unauthorized parties

It is very common that there is some amount of information leakage, even though the leakage may be harmless. There might be a leakage that you are sending a message, but no information about the message or to whom you are sending it

Special elements in this threat

There are hackers (crackers is another name used) who seeks and exploits weaknesses in networks

Some information might also be leaked unintentionally by mistake

Information about a companys customers or their personal information is something that might leak and harm the company

Examples

WikiLeaks is an example of a site that provides all sorts of information leakage. It might not be from the social media so much and the main source of the leakages are whistleblowers.

Google accidentally leaked information about their earnings too early, costing the company USD22 Billion

All users of social media that do not protect their privacy sets themselves prone for identity theft

How to prevent the threats

DLP stands for Data Loss Prevention.

There are many companies providing softwares and services to help companies prevent information leakage

All major antivirus companies offer DLP services

There are three different levels of DLP:- Standard security measures that include firewalls and antivirus software- Advanced security measures that include detecting of abnormal activities and employ machine learning- Designated DLP solutions that include all intentional and unintentional unauthorized sending or copying of sensitive data

Sources

http://www.networkworld.com/research/2008/010708-data-leak-nightmares.html

http://nakedsecurity.sophos.com/2012/10/19/data-leak-google-stock/

http://en.wikipedia.org/wiki/Data_loss_prevention_software

http://wikileaks.org/About.html

http://en.wikipedia.org/wiki/Information_leakage