Word of the Day: data exfiltration

Word of the Day Daily updates on the latest technology terms | April 22, 2014

data exfiltration Data exfiltration is the unauthorized transfer of data from a computer. Such a transfer may be manual and carried out by someone with physical access to a computer and a portable storage device or it may be automated and carried out through malicious programming over a network. To prevent data exfiltration, administrators should create strict IT controls for both physical and digital security. Such controls may include the use of policies for role-based access control (RBAC), encryption, consumerization and password hardening as well as the use of data leak prevention (DLP) products to inspect and/or deny network egress traffic from carrying unauthorized content beyond the perimeter of the enterprise. Data exfiltration may also be referred to as data extrusion. Quote of the Day   "Intrusion in itself is a cause for concern that warrants attention, but exfiltration is a serious liability that requires action." -- Heidi Shey   Fun Fact Security researchers have demonstrated proof-of-concept malware that can exfiltrate data wirelessly through a computer's speaker system. Related Terms Related Terms IT controls data leak prevention role-based access control consumerization policy password hardening extrusion prevention Related Tags Data loss prevention   Required Reading Preventing data leaks Learn about data loss prevention policies, processes and technologies, including extrusion detection. Information security controls for data exfiltration prevention Expert Michael Cobb looks at the value of data and lists five information security controls to prevent data exfiltration. Data loss prevention tools: Understanding your options Video: Kevin Beaver discusses his real-world experiences with data loss prevention tools. Stay In Touch FOLLOW WHATIS.COM     CONTACT US For feedback about any of our definitions or to send us ideas for new definitions, please contact us at: editor@techtarget.com About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Whatis.com, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget, Whatis, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2013 TechTarget. All rights reserved.