Damming the data stream

Companies offer technologies to block the disclosure of sensitive information

Government and commercial agencies are increasingly turning to content monitoring and filtering products that scan all outbound messages because of concerns that e-mail or instant messaging users may accidentially or maliciously send sensitive data.

Just an emerging market a few years ago, monitoring and filtering products may be all the rage in the next several years, experts and vendors say. That’s because agencies and organizations must contend with new regulations and laws that protect personal, health and financial data.

When an organization first sees how much of its sensitive data it transmits to outsiders, its officials are shocked, said Kurt Shedenhelm, president and chief executive officer of Iowa-based Palisade Systems. Experts say 80 percent to 90 percent of critical data transmitted to unauthorized recipients is accidental.

Palisade provides appliances that scale to a gigabit/sec throughput and show who’s sending what. The company has sold products to local governments, educational institutions and other public-sector institutions. Shedenhelm said the technology helps organization leaders understand information distribution practices and gives them an opportunity to educate its employees about correct business policies.

Richi Jennings, lead analyst for the e-mail security practice at Ferris Research, said two factors will shape the content-filtering market. Laws such as the Health Insurance Portability and Accountability Act and agencies including the Securities and Exchange Commission are challenging technology companies to discover better ways to protect Social Security numbers, credit card numbers and other sensitive data from being unknowingly or deliberately disseminated through e-mail messages, instant messages and FTP.

He said there’s also a push in industry, especially from traditional anti-spam filtering companies, such as Symantec and others, to provide a complete solution.

“They suddenly have this kind of blinding flash of inspiration that if we take this spam filter, which is incredibly good at sifting through the text of the message to figure out if it’s spam e-mail, turn that 180 degrees and have it work on outbound mail, we can try to figure out whether these messages are likely to break these regulations that apply to the customer,” Jennings said.

A classic example, he said, is California-based Proofpoint, which provides both technologies. Andres Kohn, Proofpoint’s vice president of product management, said the company provides inbound and outbound filtering and encrypts all outgoing content. In the public sector, he said, customers include state, local and federal agencies, including the Commerce Department, the Library of Congress and a number of national labs.

“When we talk to our customers, they look to a single solution for inbound and outbound e-mail messages,” Kohn said. “We see tremendous growth in the space.”

According to a February Gartner report, content monitoring and filtering is a young market, only about five years old and grossing only $20 million to $25 million in 2005. But the market is forecast to grow to $40 million to $60 million in 2006.

“We expect significant activity during the next few years as some vendors shut down, are acquired or join with others,” the report states.

Matt Pauker, co-founder of Voltage Security, which works with Proofpoint to encrypt data, said customers want a tightly integrated solution that can do everything from monitoring and filtering content to encryption.

In the federal sector, he said, officials realize they need to securely communicate with state and local government officials — especially in situations such as a terrorist attack or natural disaster — who are outside their network.

“There’s a need for a new set of technologies that can provide a safe level of privacy protection and confidentiality with a set of public-sector folks they don’t normally communicate with,” he said.

Jennings said almost all the anti-spam appliance vendors are either working on this or already have add-on products for their existing appliances.

Devices offer new ways to smuggle data

Content monitoring and filtering applications can detect and block certain e-mail messages, instant messages and other outbound messages that contain sensitive or restricted data. Several vendors said their products could prevent an accidental or malicious act of transmitting sensitive information.

About 80 percent to 90 percent of incidents are accidental, but Richi Jennings, lead analyst for the e-mail security practice at Ferris Research, said no thief would use e-mail to send confidential information out of an organization.

“They’re going to use something very innocuous like an iPod or a USB flash memory key or something like that,” he said.

“That’s a lot of confidential information you can walk out the door with, with a very dual-use device,” he said.

— Dibya Sarkar

The Fed 100

Read the profiles of all this year's winners.


  • Then-presidential candidate Donald Trump at a 2016 campaign event. Image: Shutterstock

    'Buy American' order puts procurement in the spotlight

    Some IT contractors are worried that the "buy American" executive order from President Trump could squeeze key innovators out of the market.

  • OMB chief Mick Mulvaney, shown here in as a member of Congress in 2013. (Photo credit Gage Skidmore/Flickr)

    White House taps old policies for new government makeover

    New guidance from OMB advises agencies to use shared services, GWACs and federal schedules for acquisition, and to leverage IT wherever possible in restructuring plans.

  • Shutterstock image (by Everett Historical): aerial of the Pentagon.

    What DOD's next CIO will have to deal with

    It could be months before the Defense Department has a new CIO, and he or she will face a host of organizational and operational challenges from Day One

  • USAF Gen. John Hyten

    General: Cyber Command needs new platform before NSA split

    U.S. Cyber Command should be elevated to a full combatant command as soon as possible, the head of Strategic Command told Congress, but it cannot be separated from the NSA until it has its own cyber platform.

  • Image from Shutterstock.

    DLA goes virtual

    The Defense Logistics Agency is in the midst of an ambitious campaign to eliminate its IT infrastructure and transition to using exclusively shared, hosted and virtual services.

  • Fed 100 logo

    The 2017 Federal 100

    The women and men who make up this year's Fed 100 are proof positive of what one person can make possibile in federal IT. Read on to learn more about each and every winner's accomplishments.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group