1. Technical Field
This disclosure relates generally to the field of computer technology and, in particular, to techniques to detect when sensitive data may be in danger of being compromised.
2. Background of the Related Art
Business data is growing at exponential rates, and along with that growth is a demand for securing that data. The types of sensitive information that arise in a typical enterprise environment may be quite varied. Such information includes, without limitation, intellectual property (e.g., code, designs, documentation, other proprietary information), identity information (e.g., personally identifiable information (PII)), credit card information (such as PCI-related data), health care information (such as HIPAA-related data), finance information (such as GLBA-related data), and the like. Often, it is desired to maintain some or all of that information as “sensitive” or “confidential”—i.e., known only within the enterprise, or to certain permitted individuals or systems within the enterprise.
Currently, the most effective mechanism to protect data is to provide adequate security measures to control access. Nevertheless, data leakage remains a significant problem. Thus, for example, data leakage from the secured intranet of an enterprise takes place through a variety of means, such as email, instant messaging, file transfers, document printing, removable USB devices, and the like. While data loss prevention systems and other technologies have been developed to address this problem, there remains a need for other techniques that can detect when sensitive data has been acquired (e.g., by a breach of an access control, or some other means).