The only outgoing traffic must go through my proxy server which is controlled with a white list. E-mail is the only other outgoing traffic. And it is done through web mail that is accessed through the proxy.
Securing a network is so easy. I can't believe a government facility or any secure org would have P2P ports open in their firewall. I suspect there is more to the story than P2P.
Design specs on the President’s helicopter, Marine One, have been found on an Iranian server, according to a security firm that gathers intelligence on peer-to-peer networks.
According to P2P intelligence firm Tiversa, a soon-to-be-ex-employee of a Bethesda-based military contractor installed a P2P app on their cleared desktop and leaked out the design specs for the helicopter that carries the President from the White House to Air Force One. There aren’t too many details at this time, so all I can say is “Whoops”.
So how would someone stop classified data being distributed via P2P in such a way? There is a class of software products in the security industry that claims to prevent these kinds of events known as “data leakage prevention”, or DLP. Lest you think that you need to run out and buy data leakage prevention software, no DLP software was really necessary for preventing this event. Systems that handle classified data should not be allowed to execute ANY software that hasn’t been previously vetted and installed by the IT department’s security group.
I’m sure that pretty much every DLP vendor, short of maybe the vendor used by the defense contractor, is spending today updating their marketing collateral to talk about how their software prevents this kind of data from leaking out across peer to peer networks. The other document that is being updated today is the resume of whoever was responsible for the military contractor’s desktop security.
