According to the New York Times, NSA technicians were able to find out how Edward Snowden was able to steal 1.7 million documents with simple resources.
To steal data from the NSA it was enough for Snowden to be a system administrator. Furthermore he just needed a web crawling tool and access to USB flash drives or other computers. Fatal is, that these insufficient safeguards exist at many companies and government agencies, which only focus partly or not at all on the issue of data security. But it could be easily and quickly implemented by IT security.
For a secure IT infrastructure firewall and virus scanner are not enough, as can be seen in this example. It requires a multi-layered protection system. This includes measures, such as access control, logging, filtering and encryption. The German specialist in the field of endpoint security ‘EgoSecure’ refers to these protective measures as the C.A.F.E principle (Control, Audit, Filter, Encryption).
With EgoSecure Endpoint the NSA data theft would not have been that easy!
Access to the network, cloud storage or external media (USB, CD / DVD, Mobile Devices) can be controlled and filtered. Edward Snowden would therefore not have been able get to all those data. Next, the module audit would have revealed (in Germany it works conform with 4- / 6-eyes principle) the data drain quickly and detected the source. With file-based encryption of sensitive information, the documents would have been unusable for Snowden. An application control to protect against the use of unauthorized applications would have not allowed the system administrator to the use the web crawler installed by Snowden.
With the comprehensive endpoint security solution “EgoSecure Endpoint” security specialist EgoSecure from Ettlingen near Karlsruhe is regarded as a technology leader in the field of endpoint security and endpoint management. EgoSecure maintains global sales and technology partnerships and protects more than 1,300 international companies of all sizes and in many sectors against data loss, malware, liability risks and costs through absenteeism. Even companies with increased security needs, such as state criminal police offices or banks, trust EgoSecure Endpoint.
In constant dialogue with the customer EgoSecure develops solutions that allow an easy and quick installation. The solution is equipped with an intuitive, centralized administration concept, that does not interfere with the user in their usual workflow. This particular customer orientation ensures undivided acceptance and thus increases the safety standard.