1. Field of the Invention
Embodiments of the present invention generally relate to computer data security systems and, more particularly, to a method and apparatus for preventing confidential data leakage using expiration information.
2. Description of the Related Art
Maintaining the confidentiality of data, such as sensitive data (e.g., credit card numbers), intellectual property rights (e.g., rights to inventions), security exchange commission filings, financial reports and the like is a paramount concern of any organization. If the confidential data is disclosed, the organizations may be harmed by bad publicity and/or financial loss.
The confidentiality of certain data (e.g., documents) may be forever or a simply finite length of time. For example, a document may be confidential until a certain event (e.g., public announcement, filing and the like) or a particular moment in time (e.g., Last day of the month, a number of hours and the like). In order to ensure the confidentiality of the sensitive data, such organizations implement various security systems (e.g., data leakage prevention (DLP) products) to protect the sensitive data from disclosure (i.e., data leakage) to the public and/or any other unauthorized person.
Generally, a data leakage prevention product is configured to protect the confidential data by comparing outbound data to a data specification that describes documents and/or other data that is to remain confidential. Such a comparison consumes various computer resources. Occasionally, the DLP product blocks data that is no longer confidential. As a result, the DLP product may consume a lot of unnecessary cycles on outgoing data checks against these data specifications, and in some cases may hamper the rate of outgoing traffic.
Hence, typical DLP products are inefficient and not effective. The DLP product wastes a significant amount of resources comparing formally confidential documents to the data specifications to determine if the transmission of such formally confidential documents should be blocked. Consequently, such operations of the DLP products slow down a network for the organization by consuming network resources (e.g., reducing an amount of available bandwidth).
Accordingly, there is a need in the art for method and apparatus for identifying data that is no longer confidential using expiration information in order to improve data leakage prevention.