Lessons from the DuPont Data Theft
Gary Min is the 43 year-old former senior scientist from DuPont who pled guilty to misappropriating $400 million worth of proprietary information. Min was due in court this past Thursday to receive his sentence.
In a Computerworld story, Jaikumar Vijayan identifies six steps to take to mitigate the risks of insider threats and keep track of what's going on inside the firewall.
- Get a handle on the data
- Monitor content in motion
- Keep an eye on databases
- Limit user privileges
- Cover those endpoints
- Centralize your intellectual property data
Clearly, a list like this simplifies the real challenge each point represents, but it does remind us that we need to know what we have for data, when it changes, who can access it, and where it's located. All of this requires constant visibility into your enterprise, down to the configuration level.
In the case of Min, it is now known that he downloaded and accessed more than 15 times as many documents as the next most active user of the system. Information like this can and should be tracked far sooner than it was in the DuPont's case. Min's activities were not discovered until he was already working for a rival company.
Read Vijayan's article and see how well you're doing following his six points...and how many more you might add to his list!
Comments