The term content filtering is usually associated with traffic that needs to be inspected whilst crossing internet boundaries. The two most common sources of internet activities that require filtering are email and web. Without adequate protection end-users can become very easy targets for all sorts of malicious activities. These malicious activities include viruses, trojan horses, worms, spyware, spam, malicious mobile code, phishing attacks, bots and keylogger backchannel communications. Ideally these attacks are filtered both at the perimeter and also on servers and end-user systems. Through email filtering, for instance, a dedicated system receives all email traffic and performs many types of filtering methods such as content-encoding, regular expressions and proximity.
Similarly, web filtering solutions, can be used to integrate with directory access databases to identify system users and control internet web access from malicious activities resulting from applications, urls and protocols. Modern perimeter firewalls are also usually equipped with what is known as Unified Threat Management (UTM) which combine these filtering features and serve as a first line of defence against such threats.
One must also point out that although it is extremely important to plug these detection systems on networks, this does not eliminate the need for specialized anti-malware software, more traditionally known as anti-virus, that is installed on servers and end-point systems.
Data Leakage Prevention
Securing data access based on the type of data being accessed is one of today’s major challenges. Data Leakage Prevention (DLP) solutions prevent confidential information from being deliberately or accidentally leaked out of an organization. These solutions operate by scanning network traffic and activity on endpoint systems to identify, monitor and protect confidential data. Visibility is required over the level of data confidentiality, the method used for data transfer (smtp or file transfer for instance), data transfer destination, who is performing the transfer, and provisions taken to ensure data is properly secured.
Critical business information must be stored in secure locations that not only controls user-level access but also ensures data confidentiality control using encryption and proper access audits. Information stored using Vaulting Technology is transferred using secure protocols and properly secured using adequate key management.