In Motion or at Rest, Data Get Once Over From First Tech Device

BEAVERTON, Ore. -- "Not to be nosy, but is that a member's account number and PIN in that e-mail?"

That's the kind of question that could come after an internal alert issued by a data-loss prevention (DLP) solution now guarding the network at $1.8 billion First Tech Credit Union.

The CI-1500 content inspection appliance from Code Green Networks of Sunnyvale, Calif., was installed earlier this year, which took about a day.

"DLP is an emerging technology and I couldn't see spending $150,000 on three or four different pieces of hardware and spending three or four months to get it deployed," said Rob McGee, First Tech's director of information security.

Once installed, the device immediately began inspecting content in multiple formats in storage, moving about the network and at the network endpoints.

McGee uses policy-driven data classification and filtering and industry-specific document libraries and templates to identify and stop, if necessary, outgoing sensitive or personally identifying information through various online channels.

The solution also can encrypt e-mail through integration with the big encryption services such as Zix, Voltage and Cisco, but McGee decided to stick with his existing encryption solution from another vendor.

He said he decided to purchase the Code Green appliance and about 500 accompanying licenses for its TrueDLP solution after a process that began with an annual security audit three years ago.

"I had become aware that it would be very difficult to detect any of our 450 users transferring sensitive data using a corporate e-mail account. This was really before there even was a group of products aimed at data-loss prevention," McGee said.

After attending seminars and Webinars and checking with colleagues, the First Tech IS chief decided to join the list of about 50 credit unions using Code Green solutions.

"The system seemed to be the only one that was directly aimed at mid-market enterprises, and they didn't price themselves out of my budget," he said.

"Why would I spend $150,000 on a product with multiple devices, four servers, four server licenses, more hardware, more things to deal with and more things sucking power in my data center? I wanted something relatively inexpensive and simple to deploy," McGee said.

Now he gets alerts via e-mail whenever sensitive data could be misused, and he said its accuracy has meant "false positives aren't a big problem."

That said, "I also feel that even with the world's best DLP technology, nothing is 100% foolproof," McGee said. "For example, someone could take a picture of data with a cell phone or relay sensitive information on a phone call."

"Until we're checking people's bags at the door and have voice and video monitoring on all communications, there will always be the potential for data leaks."

--mrapport@cutimes.com