Ok, this is one thing that is near and dear to me that we built up. It’s a thesis on how I believe defense should be handled.
When you are moving at speed, and you have questions, for example I had questions within my company about how data loss prevention was being handled. In DLP different tools can be used to look for communication. For example, I received a communication from a bank, and I was talking with this bank officer about a variety of subjects and I replied to him. In that reply the bank officer had in the bottom heading of his email, way at the bottom under all of the legal language, which said “do not forward”. It was a “do not forward” rule. Well, when I replied to him that “do not forward” rule triggered our filter, but then that went and got distributed to people that would actually take care of that within our organization. We have a “do not forward rule” for a reason.
However, that potentially, could have been a problem because it was a reply to a bank officer. What if that communication to the bank officer is because we were in a financial crisis, and all of a sudden that got forwarded to people in my organization, that then saw we were in a financial crisis? We’re not at all, this was just planning items with a bank person, but pay attention to that.
Ask your team for what all of the DLP rules are, and ask for a screen shot of them. Don’t just ask for what they are, ask for a screenshot, proof, so you can review them, and look at them, and say ‘hah, this is interesting; this is an unintended consequence of something good’. I want to know that if a customer is sending a Visio diagram to my team, I don’t want that forwarded, and that’s why we have it there. We actually put “do not forward it” in this, and it won’t go anywhere.
Just look for the unintended consequences of these advanced security systems, so you can know how your systems are actually set up. OpenDNS helps with mobile devices, we want to know where people are going. If you want to see how those rules are set up, just ask. Ask your team to send you the screenshots, and to explain the different rules. It’s a 15 minute conversation but it helps you understand how your systems are set up.
That’s my tip for today.