A small Wyoming bank made national headlines when it filed a lawsuit against Google after an employee inadvertently sent sensitive customer data to the wrong user’s Gmail account (http://www.informationweek.com/story/showArticle.jhtml?articleID=220100410).  This incident reaffirms that a company doesn’t need to be the target of a massive plot by hackers to suffer a costly and damaging data breach.  In this case, simple user error resulted in the disclosure of sensitive data to unintended parties.

Obviously companies need a mechanism to exchange sensitive data with their partners and customers in order to conduct business.  Ignoring the obvious problem, using email to pass data in plain-text and no authentication to speak of along with the risk of the “Fire and Forget” nature of email is what really struck me about this incident.  Once the email containing sensitive data was sent, the sender had zero control or visibility into what happened afterwards.

Deploying a solution like MOVEit DMZ with Secure Messaging is a reasonable way to reduce the risk posed by sending sensitive data by email.  Using MOVEit DMZ provides for end-to-end encryption of the data, integrity checking, audit logging and non-repudiation, but in this incident, the two-step approach to sending sensitive data really saves the day.

When using MOVEit DMZ and Secure Messaging to send sensitive data to an external partner or customer, rather than pushing the sensitive data all the way to the intended (or unintended) recipient, that data is pushed to the MOVEit DMZ server where it is stored encrypted and available for pickup.  The intended recipient is sent temporary credentials and a link he/she can use to access the sensitive data.  All access is audited, so the sender knows exactly who, if anyone, has accessed the sensitive data.

In this particular incident, had MOVEit DMZ been used to send the sensitive data to the customer, the temporary credentials sent to the unintended recipient’s email account could have been immediately recalled as soon as the mistake was noticed, before any sensitive data was accessed.  Even if the mistake went unnoticed for days, the MOVEit DMZ tamper-evident audit logs would show whether the account had been used to access the sensitive data, or if the account credentials were sitting unread in someone’s inbox.  If the account had been used by the unintended recipient to access the sensitive data, once again the tamper-evident audit logs would provide non-reputable evidence of the unauthorized data access, giving the company stronger means to pursue legal action to recover the data.

Admit it, as a network administrator you are busy enough keeping your company’s entire network up and running at all times. You definitely don’t have the time or patience to sort through an influx of spam. Well, what do you think happens if a certain switch within your network fails?

You’ll be spammed by alerts for every single monitor that you have set up for the various components of that switch.

What if you had the ability to, say, set device dependencies on each of your monitors and make the critical monitor on this switch the up/down monitor applied to the up link interface? With a set up like this, if the switch in question were to fail, you would only receive one e-mail alert informing you of the failed switch.

It’s funny how sometimes the little things can go a long way towards making your life that much easier and less stress-filled. The ability to set intra-device dependencies within your network management solution could potentially save you a lot of hassle and frustration while also allowing you to pin-point network issues much quicker.

With the new Critical Active Monitors feature in WhatsUp Gold v14, you now do have the ability to set up these intra-device dependencies. You don’t have to worry about dealing with those annoying alert storms any more.