Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenDLP Aims To Stem Data Loss

Posted by kdawson on from the fly-free-little-bot-but-phone-home dept.

rollcall writes "A new free and open source tool, OpenDLP, has been released that will help organizations fight data loss caused by stolen laptops, missing HDDs, or compromised systems. OpenDLP is managed from a centralized Web application and it can simultaneously send and control thousands of non-intrusive agents to Microsoft Windows systems over NetBIOS that look for user-defined regular expressions in data at rest. When sensitive data is found, the agents 'phone home' to the Web app with their results. While organizations have continued to lose sensitive data even though many commercial products are available to help prevent this, perhaps the introduction of a free alternative will finally spur organizations to locate their sensitive data proactively before it is lost."

8 of 53 comments (clear)

  1. Non-Intrusive agents? by gyrogeerloose · · Score: 3, Insightful

    it can simultaneously send and control thousands non-intrusive agents

    Anyone else out there find this statement just a bit worrisome?

    --
    This ain't rocket surgery.
  2. Re:Correct me if I'm wrong, but... by CarpetShark · · Score: 3, Insightful

    You don't get it. With this, you can put an agent on the laptops with sensitive information to contact you and inform you that the laptops have sensitive information on them.

  3. DLP? by mseeger · · Score: 3, Insightful

    Hmmm.... While this is usefull for several security functions, it only covers a small part of what i would consider a DLP solution. When (for example) sensitive information has to be allowed on the Notebook or PC of an employee, i want to make sure of several things:

    • the disk is encrypted (or an alarm is raised),
    • writing it on a CD or USB-Stick is prevented or (when allowed) the file again again will be encrypted (and can only be read on other company PCs) and
    • the information is neither sent by email nor uploaded through a web application outside the company.

    What i want is a tool that lets me formulate a Policy concerning the aspects mentioned above (and more). E.g. certain information must not be stored localy (covered), that information may be stored when certain security criterias are matched and this information shell not be sent by email (unless employeed confirms this has been cleared with manager X).

    Trying to prevent information to be stored on a PC of an employee is only a solution for a subset of the DLP problem. While i think this opensource solution is quite usefull, the name "OpenDLP" led me to expect more.

    CU, Martin

    P.S. I already see some companies using this to search for the sensitive word "application" on all employeed hard disks ;-)

    1. Re:DLP? by bragr · · Score: 2, Insightful

      It may not be perfect or complete, but it is better than nothing, which is was what a lot of companies have now.

    2. Re:DLP? by mseeger · · Score: 3, Insightful

      I think you could easily do that on a linux system today. If the encrypted partitions are mounted with only read permissions of a certain group, and all trusted programs are setguid and a member of that group, wouldn't that do what you wanted?

      This is a way to solve one technical aspect (i would guess you are correct about the technical aspect). The difficult thing is to design a solution that let's you enforce a policy in your enterprise. First it has to run in the environment that is already in place (i regret to inform the audience, that this usually isn't Linux). Second it should help you to enforce the policy and not force you to adopt the policy to the technical limitation of the solution. And third (and most important) the solution has to scale. While it is relatively easy task to secure one PC or even a dozen, it is a hell of a job (real-life example) to do this for 12.000 PCs when you only have 5-6 guys for the IT-security (including firewalls, VPN, virus scanners, certificate manegement, anti spam solutions, RADIUS, WLAN, etc.

      I give up for now.

      No surrender accepted :-) Keep on ....

      CU, Martin

    3. Re:DLP? by Anonymous Coward · · Score: 1, Insightful

      yes, that makes perfect sense and isn't at all paranoid or delusional, because the next logical step after the existence of this piece of software is that companies will blindly give it the ability to fire employees without any investigation or human intervention.

  4. Ooh, ooh, I've got a regex to use! by TheSpoom · · Score: 2, Insightful

    ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})$

    Oh yeah, it'll totally prevent loss...

    --
    It's better to vote for what you want and not get it than to vote for what you don't want and get it.
    - E. Debs
  5. Re:NetBIOS? by ducomputergeek · · Score: 2, Insightful

    I was thinking the same thing. We've been dealing with PCI certification stuff and one of the requirements is to turn off NetBIOS.

    --
    "The problem with socialism is eventually you run out of other people's money" - Thatcher.