AMES, Iowa, Nov. 15 /PRNewswire/ -- Content security expert and founder of Palisade Systems, Dr. Doug Jacobson, today announced the following top ten tips organizations should consider when protecting their proprietary data and their customers' personally identifiable information from the holiday Grinch, (aka accidental prone and/or malicious employees). The tips follow a new study by research firm Harris Interactive, that estimated 49 million adults in the United States were informed about their personal information being lost, stolen or improperly disclosed in the last three years. The loss of consumers' personal information, especially during the holiday season, was a result of a continuing trend where employees maliciously and/or accidentally send out sensitive data without authorization over electronic communications. Top Ten Tips for Protecting Proprietary Data and Consumers' Personally Identifiable Information From the Holiday Grinch 1) If you're not monitoring employees' outbound electronic communications, consider doing it immediately 2) Understand how employees can send customer data outside your company -- through the network, laptops, PDAs, backup transport. 3) Perform an audit on the amount of network communication protocols employees have access to, since there are nearly 200 protocols employees can use to send data outside your network 4) Develop policies for the appropriate handling, use, and securing of customer data and make sure every employee understands what data is private. 5) Educate your employees on how to properly handle private data as well as how to keep their computers free of security threats, such as worms and spyware. 6) Be sure to communicate your company's procedures and processes for protecting confidential data to your clients. 7) Hire a third party to perform an annual audit of your security practices. Through penetration tests your company will better understand how adequately protected you are with your existing network security infrastructure. 8) Adopt a multi-layered security strategy to protect private data. The strategy should include solutions to enforce access controls on information and provide private content protection. 9) Track where your customers' sensitive data is being sent to. Consider purchasing technology designed to make sure that sensitive data is being sent to the correct IP address by an employee. 10) Encrypt data if customer information is being transmitted or stored on a network. Over 190 Ways the Grinch Can Steal Your Presents (Network Protocols Employees Can Use To Transmit Sensitive Data) 1) AOLWebmail 2) GoogleMailSend 3) Hotmail 4) YahooMail 5) IMAP 6) IMAPS 7) POP 8) POP3S 9) SMTP 10) LPR 11) Microsoft-DS 12) NetBIOS-SSN 13) NFS 14) AresStartup 15) AudioGalaxyWeb 16) BearShareXferEnc 17) BitTorrent 18) BlubsterXfer 19) DirectConnectHub 20) DirectConnectXfer. 21) EDonkey (including OverNet) 22) EDonkeyXfer 23) FiletopiaXfer FreeNet 24) FurtherClient 25) Gnutella Also these that are based on the Gnutella protocol: 26) Bearshare 27) BearshareXferEnc 28) Bodetella 29) Cooltella 30) Furi Launcher 31) Furi Updater 32) Gnewtella 33) Gnewtella 2 34) GnOtella 35) GnuCache 36) Gnucleus 37) Gnujatella 38) Gnumm 39) Gnuspace 40) Gnutella for Mac 41) Gnut 42) Gnutella.it 43) Gobobo 44) GTK-Gnutella 45) Hagelslag 46) Limewire 47) Mactella 48) Morpheus 49) MyGnut 50) MyTella 51) N-Tella 52) Newtella 53) PeaGnut 54) Pi 55) Pygnut 56) Reflector 57) SeachLord 58) Shareaza 59) Gnute 60) Gnutmeg 61) Gnutella Crawler 62) Tellaseek 63) Toadnode 64) Gnutella2UDP. 65) GnutellaXfer End Gnutella protocols 66) IRC-DCC-Send. 67) KaZaA (including Morpheus) 68) KaZaAXfer 69) Napster Also these that are based on the Napster protocol: 70) Amster 71) BeNapster 72) Blazter 73) Capster 74) Console Napster CLT 75) DeWrapster 76) DiaRRIA 77) DJnap 78) Fanster 79) File Navigator 80) NapAmp 81) Napigator 82) Napkin 83) NapMan 84) Napsack 85) Napster for Beos.htm 86) Napster/2 87) Napsterminator 88) Napster - Linux 89) Napster Server Manager 90) Gnapster 91) Gnome-Napster 92) GTK-Napster 93) Hackster 94) iNapster 95) JNap 96) J Napster 97) Jnerve 98) KNapster 99) Koog Epsilon 100) Lopster 101) Macstar 102) Macster 103) Music City 104) MyNapster 105) Napster Unban 106) Netstreak iAssimilator 107) N-Dream Plug-In for Napster 108) OpenNap 109) Pakster 110) Rapster 111) Riscster 112) Snap 113) Socks2HTTP 114) Spyster 115) TekNap 116) TKNap 117) Unwrapper 118) Webnap 119) Wrapster 120) XMNap 121) Napster Xfer End Napster protocol 122) SoribadaXfer 123) SoulSeekLogin 124) SoulSeekXfer 125) Twister 126) CVS-PServer 127) CVSup 128) FTPActive 129) FTPControl 130) FTPPassive 131) AIMLogin 132) AIMMsg 133) AIMXfer 134) GoogleTalkLogin 135) ICQLogin 136) ICQMsg 137) IRCLogin 138) IRCMsg 139) MSNMessengerLogin 140) MSNMessengerXfer 141) YahooMsgrLogin 142) YahooMsgrMsg 143) RealMedia 1, 2, and Multi Rate. 144) ShoutCast 145) WindowsMedia 146) CitrixICA 147) GotoMyPCShare 148) REXEC 149) RLogin RLogin 150) RSH 151) SSH 152) Telnet 153) VNC 154) WindowsTerminalServer 155) XWindows 156) Q.931 157) Session Initiating Protocol (SIP) 158) Skinny 159) HTTP_Servers 160) Socks4/5 161) HTTP-Proxy 162) HTTP_URLList_Remote_Proxies 163) HTTP 164) HTTP-ACTIVEX 165) HTTP-AVI 166) HTTP-EXE 167) HTTP-Audio-MPEG 168) HTTP-Video-MPEG 169) HTTP-QuickTime 170) HTTP-RAR 171) HTTPS 172) HTTP-SHOCKWAVE-FLASH 173) HTTP-Video-Flash 174) HTTP-Zip 175) HTTP-HEAD 176) HTTP-POST 177) AOL-TCP 178) BOINC 179) Compuserve-TCP 180) Finger 181) Gopher 182) IDENT 183) iTunes 184) NNTP 185) WakeOnLan 186) Custom 187) DiagVPN 188) DNS Query 189) EthernetAddresses 190) EthernetNotAddresses 191) Everything 192) HTTP_Hosts 193) HTTP_URLs 194) HTTP_URLList 195) LogUnmatched 196) SSL How the Grinch Can't Steal Palisade Systems is the only vendor in the emerging content monitoring and filtering market capable of not only monitoring these protocols, but also blocking their use and delivery of information to the receiver. Content monitoring and filtering products are a breed of emerging technology that specifically focuses resources on the applications and protocols responsible for the delivery of outbound communication, instead of most network security products that prevent inbound security threats like viruses, spyware, worms, DoS attacks, etc. About Dr. Jacobson Doug Jacobson is an Associate Professor in the Department of Electrical and Computer Engineering at Iowa State University. Dr. Jacobson joined the faculty in 1985 after receiving a PhD degree in Computer Engineering. Dr. Jacobson is currently the director of Iowa State University's Information Assurance Center, which has been recognized by the National Security Agency as a charter Center of Academic Excellence for Information Assurance Education. He is also director of the Internet-Scale Event and Attack Generation Environment (ISEAGE), a U.S. Department of Justice funded test lab, which is the only lab in the world designed to simulate, investigate and recreate the largest cyber attacks over the Internet. In addition to his work at the university, Dr. Jacobson is the founder and CTO of Palisade Systems, Inc. Dr. Jacobson works with local law enforcement and is a computer forensics analyst for the Iowa State University Police department. He's a recipient of the coveted "Meet the Challenge Award" from the FBI's InfraGard program. The "Meet the Challenge Award" is given annually by InfraGard to the individual most responsible for raising awareness of information security in the community. Dr. Jacobson's current funded research is targeted at developing robust countermeasures for network-based security exploits and large scale attack simulation environments. His latest project is the formation of the Center for Information Protection. Sponsored by the National Science Foundation (NSF), it's the first NSF Industry/University Cooperative Research Center to coordinate information security research efforts between business, academic and government institutions. Several of Dr. Jacobson's projects have led to patents and have been successfully transferred to the high-tech industry. Furthermore, Dr. Jacobson has received two R&D 100 awards for his security technology and has two patents in the area of computer security and has given hundreds of presentations in the area of computer security and has testified in front of the U.S. Senate committee of the Judiciary on security issues associated with peer-to-peer networking. About Palisade Systems, Inc. Founded in 1996, Palisade Systems, Inc., is a leading provider of enterprise content security and data protection solutions with over 500 customers across North America and Europe. Palisade security appliances help organizations proactively secure intellectual property and private client information from leaking outside the network, define and enforce access to internal network resources, and enforce compliance with federal privacy and industry security regulations. Palisade Systems customers include prominent clients in healthcare, financial services, insurance industries, along with universities and school districts. For more information, please visit http://www.palisadesys.com or contact Palisade's sales department at 1.888.824.0720.
SOURCE Palisade Systems