Security advisors Securosis are back with the next installment of their series on getting quick results from Data Loss Prevention (DLP). Here, they describe things you need to do to get ready to deploy DLP:

In Part 1 of this series on Low Hanging Fruit: Quick Wins with DLP, we covered how important it is to get your process in place, and the two kinds of violations you should be immediately prepared to handle. Trust us -- you will see violations once you turn your DLP tool on.

Today we'll talk about the last two pieces of prep work before you actually flip the 'on' switch.

Users need to prepare their directory servers, so that they can easily identify people causing data leaks. Directories need to make it easy to identify the human being behind a data leak, not just an IP address or login. The directory also needs to make it easy to connect the person with the business unit and job function. "Someone in HR or Legal usually has authorization for different sensitive information than people in IT and Customer Service, and if you have to manually figure all this out when a violation occurs, it will really hurt your efficiency later," Securosis says.

Users also need to be sure the DLP solution is integrated with the IT infrastructure, Securosis says.

Read the rest: LHF: Quick Wins in DLP, Part 2

Part 1: Low Hanging Fruit: Quick Wins with Data Loss Prevention

Palisade's PacketSure™ Data Loss Prevention appliance can help secure confidential data on the network. View a video demo, or get a live demo, or get a free Secure Assessment.

Prestigious social media blog Mashable did a write-up this week about our own Jeremy Pepper, Palisade's director of public relations and social media, about using social media for marketing, particularly business-to-business marketing. Jeremy describes how Palisade uses Twitter and blogging to get the word out and participate in conversations about Data Loss Prevention, security, and our solutions:

Pepper offered some insight into how he uses social media with Palisade Systems, a business-to-business data loss prevention company. For Palisade, the main goal is to increase the company’s name recognition. Because data loss prevention deals with sensitive data and often regulatory compliance (for things like HIPPA/HITECH, FERPA and others), having strong name recognition is important, as a known name can often be equated with trust.

Palisade follows security experts and industry analysts on Twitter, to take part in conversations around enterprise security. And Palisade follows keywords on Twitter and communicates with CIOs and IT people who are asking questions about DLP, and then sends out case studies or connects directly.

Read the rest: How PR Pros Are Using Social Media for Real Results

Eric Wilmeth, Palisade director of training and programs, writes:

As potential data breaches proliferate, network administrators face the choice of implementing separate tools for each type of threat, or finding one tool to cover a variety of potential breaches. Each approach has its potential benefits and liabilities, but at Palisade Systems, we’ve chosen the multi-tool approach with our PacketSure™ solution.

Having a specific tool for a specific job has benefits, but can be costly. Specialized tools have premium price tags. Added to the up-front cost of the tools themselves are the need for additional operational staff (or added responsibility for current staff), increased difficulty correlating reports and data, and ongoing annual costs. All those expenses diminish the benefits of specialty tools.

Multiuse tools have lower cost of operation and ownership, and are therefore especially useful for small and medium-sized enterprises, with constrained budgets and staffing resources. When you stack up the cost of multiple tools against a single multiuse tool, you find financial benefit and value to the multiuse tool.

Also, aggregating and reporting data becomes much simpler. Multiple tools often require yet another tool just for pooling information, but the multiuse tool consolidates reporting.

And the multiuse tool requires less labor to implement.

Palisade System’s PacketSure™ Data Loss Prevention solution is a multiuse tool that covers the many avenues of today’s potential data breaches, and is built to anticipate and provide for new avenues that will emerge tomorrow. PacketSureTM allows users to monitor and control private and sensitive data. Compared with other products that are specific to email or web usage, PacketSure™ monitors more than 140 types of network traffic and communication. PacketSure™ doesn’t just watch for data loss, it also fixes problems to keep data secure. PacketSure™ is second-to-none in ease of use, reporting, and securing data. PacketSure™ is also the most cost-effective solution on the market today.

Every organization is different, but all organizations need to save money. Quality multiuse tools like PacketSure™ can help cut costs, while keeping organizations’ secrets secure.

Palisade's PacketSure™ Data Loss Prevention appliance can help secure confidential data on the network. View a video demo, or get a live demo, or get a free Secure Assessment.

Proper Data Loss Prevention can get organizations fast results if deployed with a little bit of preparation, according to a recent blog post from security advisors Securosis, which also provides advice on how to successfully get quick DLP wins. ("Low Hanging Fruit: Quick Wins with Data Loss Prevention")

In addition to deploying technology, organizations need to put business processes in place for dealing with data leaks once they're uncovered by the technology:

Nearly every DLP reference I've talked with has discovered actionable offenses committed by employees as soon as they turn the tool on. Some of these require little more than contacting a business unit to change a bad process, but quite a few result in security guards escorting people out of the building, or even legal action. One of my favorite stories is the time the DLP vendor plugged in the tool for a lunchtime demonstration on the same day a senior executive decided to send proprietary information to a competitor. Needless to say, the vendor lost their hard drives that day, but they didn't seem too unhappy.

We have our own about a hospital that discovered an attack in progress on its network the day that it activated our PacketSure™ solution -- and that was just a free demo. They hadn't even bought the product yet. As you might imagine, they did buy it, though. ("PacketSure Detects Attack on Gibson General Hospital. And That Was Just the Demo.")

As DLP solutions uncover problems, companies will face two different kinds of data leaks: Those caused by business process failures, and those which are "egregious employee violations," Securosis said. As you might imagine, the two kinds of leaks need to be handled differently.

The Securosis post is part of a series; we're looking forward to the rest of it. That link again: "Low Hanging Fruit: Quick Wins with Data Loss Prevention"

Palisade's PacketSure™ Data Loss Prevention appliance can help secure confidential data on the network. View a video demo, or get a live demo, or get a free Secure Assessment.

Thanks to Silicon Prairie News, which recently posted an interview with Palisade CEO Christian Renaud about how to build an entrepreneurial ecosystem. Christian is uniquely qualified to discuss the subject, he previously worked for Cisco Systems in startup-fertile San Francisco, targeting and evaluating new markets. Now he's back home in Des Moines, working to build a startup culture there.

Christian cites the entrepreneurial potential of Des Moines as one of the community’s greatest attributes. This includes the energy that’s apparent locally, the workforce and the ideas that are being developed in fields like life sciences and agriculture through the research at Iowa State University, the University of Iowa and other schools. However, we have work to develop our startup community.

"We have very strong schools, we have a lot of very good ideas in relevant fields...there's a bunch of energy," Christian explained. " We need to cultivate that, continue to cultivate it, it isn't as much the ecology here as it is [in other cities]."

Obstacles to fostering an entrepreneurial community in Des Moines include the traditional nature of business there. Des Moines is a banking, insurance, and agricultural town, which makes it more conservative and risk-averse, Renaud told the News.

Read the interview and watch a video excerpt: Christian Renaud talks about the needs of a startup community

It's a two-part interview. Previously: Christian Renaud of Palisade Systems talks technology, raising capital

Palisade's PacketSure™ Data Loss Prevention appliance can help secure confidential data on the network. View a video demo, or get a live demo, or get a free Secure Assessment.

Gibson General Hospital got more than it expected when it started using PacketSure™ data loss prevention. The solution stopped an attack in progress.

And that was just the demo.

Gibson General was looking into using PacketSure™ from Palisade Systems to help the hospital comply with the Health Insurance Portability and Accountability Act (HIPAA) as well as manage network traffic and Web usage. The hospital took advantage of the free secure assessment that Palisade offers to some prospective customers.

On the very first day of the secure assessment, Gibson General discovered unauthorized use of ICQ, an outdated instant messaging technology. Following up that information led to discovery of a gang of hackers breaking into the hospital's network.

Read all about it here: PacketSure™ detects attack on Gibson General Hospital. And that was just the demo.

And check out our other case studies:

Palisade Gives Missouri City Set-And-Forget Protection

Bank Mutual uses PacketSure's™ solution to identify and protect confidential information on their network

Health Fitness Corporation's use of PacketSure™ helps grow their business

Pathways Community Behavorial uses PacketSure™ to help them remain compliant

Palisade's PacketSure™ Data Loss Prevention appliance can help secure confidential data on the network. View a video demo, or get a live demo, or get a free Secure Assessment.

Last week, Palisade Systems was one of the sponsors of the Security Bloggers Meet-Up at this year's RSA Conference. The Meet-Up - apropos of a security event -was all secretive until the last moment, pretty much to make sure that it was attended by security bloggers. The event was held at Jillian's, and was a casual event in the pool hall to meet the people we've engaged the past year, have our logo up there for people to see and talk DLP and Palisade with people. 

And let people know what we are up to in the data loss prevention space, and why we're the leader in small and medium sized enterprise. But in a casual way with beer and pool.

And we did that - and it was fun, and it was a great event to see people we've emailed and spoken to, but rarely met in real life or seen face-to-face. 

Now, we all have read about how media is changing and how important bloggers are for companies. An interesting article from C/Net and ITDatabase highlights the importance of new media (or bloggers or podcasts or whatever term you want to use), particularly for the enterprise IT. While enterprise tech is the fastest growing segment of technology, it tends to be less reported on as it's not as "sexy". Which is true - B2B technology is not as sexy as consumer electronics and technology but it tends to really drive the economy, and keeps corporations safe and secure, which extends to keeping the public safe and secure. 

So, since the mainstream media - except on huge data loss stories - tends to ignore enterprise tech, the bloggers - corporate, security, in-house - write about the enterprise and are more and more becoming the go-to people on information. 

The small City of O'Fallon, Missouri (pop. 35,000) needed Web filtering for municipal employees, and turned to Palisade PacketSure™ to do the job. They were happy with what they got from us, so they came back to Palisade for Data Loss Prevention, to ensure the safety of confidential data such as Social Security and credit card numbers.

We wrote about O'Fallon's experience with Palisade in our latest case study. Highlights of Palisade's experience:

Read all about it here: Palisade Givs Missouri City Set-And-Forget Protection (PDF download).

And check out some of our other case studies (they're all PDF downloads):

Bank Mutual uses PacketSure's™ solution to identify and protect confidential information on their network

Health Fitness Corporation's use of PacketSure™ helps grow their business

Pathways Community Behavorial uses PacketSure™ to help them remain compliant

Palisade's PacketSure™ Data Loss Prevention appliance can help secure confidential data on the network. View a video demo, or get a live demo, or get a free Secure Assessment.

At Palisade, we've built our business providing Data Loss Prevention in the form of an appliance. The PacketSure™ Data Loss Prevention (DLP) appliance is dead simple, it installs in less than an hour.

For organizations who don't want to install any hardware at all, Palisade has partnerships with Managed Service Providers (MSPs). These are companies that manage overall security for other organizations. The MSPs deploy PacketSure(tm) Managed DLP in their environment, enabling them to provide robust DLP service to many organizations without the need for dedicated hardware at the customer network.

Many organizations leverage Managed Service Providers already for hosted email, anti-virus, anti-spam, firewall, and other security services. Having data loss prevention services provided by their existing managed service provider simplifies an organization's network administration and can result in considerable cost savings as well.

Palisade CEO Christian Renaud discussed Data Loss Prevention as a managed service as part of a brief but wide-ranging interview with Silicon Prairie News. Visit their Web site for a write-up of the interview and a video excerpt. ("Christian Renaud of Palisade Systems talks technology, raising capital").

"The managed service provider work that we started last year is really where we see the majority of the growth coming from, and the demand coming from," Christian said. DLP started as an issue for the Fortune 500, but Palisade is now seeing demand from smaller organizations, with regulation as a driver, including the Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH), and more.

To find out more about our MSP offerings, visit the PacketSure™ Managed DLP page on our Web site.

Christian also discussed the history of the company, customers' DLP needs, and raising capital in Iowa.

Palisade's PacketSure™ Data Loss Prevention appliance can help secure confidential data on the network. View a video demo, or get a live demo, or get a free Secure Assessment.

Palisade Systems' CEO Christian Renaud recently took part in a webinar about Data Loss Prevention, hosted by analysts the Radicati Group.

Christian described the features that companies should look for when shopping for a DLP solution. Companies need to ensure the tool can protect "data in motion" -- information leaving the company network through e-mail, the Web, instant messaging, and other channels. And the solution also needs to protect "data at rest," which is stored on company desktops and servers. The solution should be easy to install and get running, with the ability to make changes to the configuration and fine-tune over time as the IT manager becomes more aware of the organization's needs. Also, the solution needs robust reporting, to help the organization get a handle on what's happening on its network. Reporting can also help get organizational buy-in for security measures, by demonstrating need.

And the solution needs flexibility, the ability to fingerprint proprietary information such as source code, or an NFL team's playbook, to ensure that information doesn't get sent out over the network.

The solution should be port- and protocol-independent. Earlier DLP solutions focused on particular ports and protocols, which often resulted in data leaks simply shifting to other channels. "Traffic is wiggly that way, it is a little squirrely, you have to look at all the traffic and identify people who are trying to circumvent the system," Christian said.

IT staff often make the same mistakes in deploying DLP. Palisades' customers are typically small organizations, with IT staff understaffed and under-resourced. They don't have the time to plan ahead and determine what data needs protecting, and how to get corporate buy-in for DLP efforts, making sure there are plans in place for what to do when a data leak is detected.

"Having that plan ahead of time on how you're going to roll it out -- not just put in the box and walk away -- and how you're going to deal with the losses you find, are some of the things organizations haven't considered," Christian said.

Christian was joined by representatives of two other DLP vendors.

Find out more about product offerings, organizational awareness of the need for DLP, how DLP fits into an overall security strategy, how DLP is affected by privacy rules, and more.

Get the slides and recording of the webinar on data loss prevention from the Radicati Group.

Palisade's PacketSure™ Data Loss Prevention appliance can help secure confidential data on the network. View a video demo, or get a live demo, or get a free Secure Assessment.