Data+Leakage

13 November 2010 ** Data Leakage ** Loss of control over data Unauthorized exposure/transfer of data Ex: man in the middle, backdoor, privelege esclation are intented data leaks __Networks__ Unintented leaks : RBAC Rogue devices __Storage :__ · Identify your data assets, owners, who are the data custodians · data locations (hardware and logical i.e. network addresses) · Legal requirements – i.e personal identifiers, ect · Classify · Implement proper storage

__Endpoints__ Defend yourself against attacks Unintended : · email (outgoing), · network drives/local drives, · Shared (folders and network connections)

__The Google Hack –__ web server Crawler – goes and checks every web server. Everything with a public html is published. The crawler is automatic software.