Research Article
A Security Architecture to Protect Against Data Loss
@INPROCEEDINGS{10.1007/978-3-642-11530-1_12, author={Clive Blackwell}, title={A Security Architecture to Protect Against Data Loss}, proceedings={Information Security and Digital Forensics. First International Conference, ISDF 2009, London, United Kingdom, September 7-9, 2009, Revised Selected Papers}, proceedings_a={ISDF}, year={2012}, month={5}, keywords={Data loss security architecture Searchlight model attack and data loss classification}, doi={10.1007/978-3-642-11530-1_12} }- Clive Blackwell
Year: 2012
A Security Architecture to Protect Against Data Loss
ISDF
Springer
DOI: 10.1007/978-3-642-11530-1_12
Abstract
Data loss poses a significant and increasing problem for organisations. This is shown by the regular stories of data loss reported daily in the media, such as the mailing of 2 CDs containing 25 million personal records by the Revenue and Customs in the UK. There is a need to provide systematic protection to data in all its forms and locations however it is accessed. We have developed Searchlight, a three-layer security architecture containing the physical, logical and social levels, which we use to analyse data loss holistically to prevent, detect and recover from exposure. We examine deliberate and accidental data loss by employees, but the same analysis can be straightforwardly applied to external attacks. Our practical security model appears to have widespread application to other problem domains such as critical infrastructure, the insider threat and financial systems, as it allows the analysis of systems in their entirety including human and physical factors, not just as technical systems.
