Significant time, money and computer resources are expended to protect computer networks from external access. Firewalls provide an initial level of intrusion protection that can frustrate both nefarious and valid transactions alike. Some intrusion prevention systems scan data packets for viruses and other content. A significant number of software applications and hardware devices are designed with such protection in mind. These applications have had varying degrees of success in stopping unauthorized intrusion from external sources. Many of the methods and systems are well documented. Intrusion prevention systems, however, are seldom designed to protect from data loss that originates from within the secure network. Comparatively little effort has been undertaken to protect users of a computer network from themselves. With the large amounts of data flowing between systems and the constant communications undertaken by users, it is sometimes lost that a single mistake can expose sensitive data at significant losses, financial and otherwise.
Such data leakage issues, however, represent extremely complex problems that are not easily addressed. The large number of communication protocols (e.g., instant messaging (IM), webmail, Hypertext Transfer Protocol (HTTP), Real-time Transport Protocol (RTP) and File Transport Protocol (FTP)) and everyday use of communications, such as email, complicate the problem. Any one of the various communication protocols can be used to disseminate sensitive data. Moreover, the dissemination is often accidental, thereby resulting in leakage from even trusted employees/users.
A comprehensive security system that includes aspects capable of addressing these and other issues is discussed herein.