Securing Data and Handling Spillage Events

Abstract: Data spillage is the transfer of classified or sensitive information to unaccredited or unauthorized systems, individuals, applications, or media. A spillage can be from a higher level classification to a lower one. The data itself may be residual (hidden) data or metadata. Spillage may result from improper handling of compartments, releasability controls, privacy data, or proprietary information.The trend towards increased information sharing has weakened access controls, giving users without a need-to-know access to large volumes of sensitive or classified data. Malware that propagates via removable media has increased the risk of large data transfers outside the network. The risk of data spillage is a problem largely because of inadequate end user security awareness, unmanageable networks, and poorly implemented data policies.

Date Published:

Last Reviewed: 16 July 2015

Creator:

Dissemination Control: N/A

Length: 2 page(s)

Format: pdf

Type: Reference/Overview; Factsheet

Tags: Data Spillage; Data Protection; Cyber Incident Response - CIR