Posts by CIPHER-GUY 2 publicly visible posts • joined 23 Feb 2017
The Boeing CIPHER product is one of three DLP's used in the classified area for the past 15 years. If you do not know about it then you do not deal with classified data. The application is used by the Army, the Navy, the Air Force, the White House Military Office and dozens of fortune 500 companies. And people have access to this kind of data as their jobs require it. However, the job certainly does not include emailing it to their spouses - regards
This is not a data access issue. Many employees, based on their jobs, need and have legal access to employee information. For their jobs, they routinely download and analyze employee information using spreadsheets as one of their analysis tools.
The challenge for DLP tools, such as CIPHER, is they have to be installed and setup to scan end user data, in this case, outgoing email. This is a somewhat trivial task for a peron knowledgeable about the DLP, but nonetheless, it has to be performed. For a company the size of Boeing, this would certainly not be done for all employees. It should be done for those individuals that have access to and routinely work with Personally Identifiable Information (PII).
Why the DLP wasn't installed and used for this user is simply a policy issue. Boeing has to decide whether the inadvertent release of information is more important than the resource and end user commitment to installing and using the DLP application.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
