Data Leak Prevention

In January 2007, Provilla publicly launched LeakProof; a data leak prevention tool with a claim that it can quickly evaluate sensitive data to ensure that it isn't copied off to a removable drive or e-mailed out of the organization. Currently, the product creates a 1KB fingerprint of protected documents--regardless of

In January 2007, Provilla publicly launched LeakProof; a data leak prevention tool with a claim that it can quickly evaluate sensitive data to ensure that it isn't copied off to a removable drive or e-mailed out of the organization. Currently, the product creates a 1KB fingerprint of protected documents--regardless of document size. Plans discussed with me by Glen Kosaka, vice president of marketing, on July 9 call for the fingerprint to be reduced to 100 bytes, perhaps by the end of this year. The advantage of such a small fingerprint file is that it's quick. The disadvantage is that up to 40 percent of the original protected source must be present for the fingerprint to identify the protected document. That is a lot of original source material. This makes the product suitable for preventing inadvertent unsafe data handling (e.g. storing a lot of payroll records on a USB flash drive). LeakProof likely won't be effective against a determined hacker who is smart enough to take data in smallish chunks. The small fingerprint permits the $30 to $100 LeakProof agent (per year, per managed endpoint) to work when disconnected from the $12,000 to $20,000 Provilla appliance. That's pretty cool, but again only for organizations that have a basically trustworthy work force. I may try this out in the lab when updates for the current LeakProof are released sometime in the fall. In the meantime, I'm keeping an eye on Vontu, Reconnex, Tablus and Vericept. You can read my review of Vontu here.