Friday, July 6, 2007

Content Monitoring & Filtering

Originally Posted on 6/16/06

These days, financial institutions absorb an overwhelming amount of regulatory scrutiny for just about everything they do. In particular, execution and process are key indicators to just about every regulators recommendation. If you’ve been in the industry, for any extended period of time, you’ll find the following questions quite familiar. What is going to be done to make us feel secure about this process and how do you plan on doing it? Oh yeah, and when will you have this done by? Will see you next year to make sure what you said was going to be completed, was in fact, completed. You can imagine the type of unyielding pressure that CIO’s all the way down to the engineers must face on a regular basis. Sadly, this is only one of the many driving forces behind institutions frenetic pace behind the endless queue of projects.

One new industry concern, which has caught my attention, is that of Content Monitoring & Filtering (CMF). The topic has gained some traction over the years and which I don’t envision stopping any time soon. My basis for that comment stems from the fact (Gartner Research) that there is clearly a technological need for CMF given growing customer demand. There are also a handful of vendors positioning to be the future leader in this $40 million market.

The problem: Any organizations most valuable asset is their proprietary or sensitive information. Even more important is customer or employee sensitive information. Institutions are charged with protecting your data at costs. If they can’t, the implications are obvious. So…The key question is, what is the most cost effective / efficient methodology to protecting that information?

The potential solution: New CMF technologies have been released that monitors content, organization wide, and protects the accidental or malicious storage / transmission of data anywhere within its infrastructure. .

I’ve personally been on the forefront of my organizations sensitive information security effort since the tail-end of 2005. I obviously cannot speak to the details of my effort but I can say we, as many comparably sized institutions, are giving strong consideration to implementing a CMF solution.

We’ve already had the industries giant, Vontu, perform an on-site demonstration of their products. I have to say that I’m quite impressed and immediately saw the value in the system. The residual benefits from implementing such a system will undoubtedly benefit our organization.

A common dilemma that many institutions face is the fear of not knowing every single piece of data, which could include non-public information, that is coming or going to your organization. Without such a baseline, it hinders an organizations ability to affectively manage the storage or transmission of sensitive information. The introduction of such a system will mitigate such a risk and level set expectations. Although the technology is still in its infancy, focusing on clear text keyword identification which is governed by rule based options, it puts immediate, fundamental, controls in place that promptly alters user behavior.

The technology is here. The demand is here. The only question, moving forward, is how sophisticated the technology will ultimately become. Ostensibly, the more sophisticated the solution becomes, the easier CIO’s will sleep at night, knowing their data is safe.

Labels: ,


Post a Comment

<< Home