Open Source Data Leak Prevention

Open Source Data Leak Prevention

In network security there are many challenges. In any business that deals with any sort of protected information (like healthcare) the challenges can be even greater.

One of the largest problems I see that is not being addressed adequately is hospitals and physicians sending personal health information in plain emails. It doesn't matter that HIPAA has specified that you don't do this for years. It doesn't matter that every IT and security manager in the business knows you don't do this. It doesn't even matter that the government has placed potential large fines on businesses that violate this. They still do it.

Enter MyDLP. MyDLP is a "Data Leak Prevention" software that is open source and licensed under the GPLv3.

MyDLP is very easy to install on an existing Ubuntu server, and they also provide an appliance installation image and a virtual image for download. Their website claims you can be up and running in under 30 minutes and it really is pretty darn easy.

Out of the box today, MyDLP will allow you to find and quarantine documents and emails containing SSN's, credit card numbers and international bank numbers. The advanced version that is due to be released shortly adds the ability to do custom regular expression based filters among other things.

The software is still in heavy development and features are being added every week. The developer was kind enough to give me access to the advanced version in development ahead of time for testing. The standard version is simple enough to be deployed by the most novice of network administrators. The advanced version gives you full power to customize your filtering methods to your heart's desire, but the documentation is still a bit thin and the advanced UI is a bit complicated for the average user. Really though, if you are a network administrator who has to deal with these things on a daily basis, you should be able to understand the advanced interface pretty easily. In just a few hours I was able to integrate MyDLP into my email server and set up custom filters to keep our customers from mistakenly sending us personally identifiable health information. It can even look into attached files and filter spreadsheets, documents and zip file contents as well.

There's a Windows client you can install that integrates with the server to prevent users from moving any protected information onto removable devices or network shares. Unfortunately there's no Linux client as of yet. There are also features to integrate it with a web proxy to filter incoming and outbound web traffic.

All-in-all, despite it's early development status I'd have to say this open source free application can certainly give any commercial based DLP system a run for it's money.

Posted by Tony on Jan 19, 2011 |