22.4. Information Leak Detection Systems
Now we come to the other side of the network monitoring equation: keeping an eye on data that leaves (or attempts to leave) your local network. Software or hardware that does this is known as (among other things) an information leak detection system, or ILDS. Even though the term refers to detection, ILDS products usually offer protection too — blocking outgoing data that should remain within the network.
To take a basic example, suppose you're setting up a Mac for family members — some of whom lack technical savvy or are a bit absentminded. You may want to make sure they don't accidentally send information such as credit card numbers, bank account information, or even your home address over the Internet insecurely (through email, for example, or using a non-SSL-protected web page). An ILDS can do this by watching data going over the network, looking for matches to keywords or other patterns you've designated, and blocking traffic that contains it — perhaps displaying an alert so the user knows what happened. Of course, a full-blown ILDS is overkill for an individual Mac, and software such as NetBarrier (discussed ahead) can competently keep tabs on the outgoing data for single computers.
However, if you're protecting sensitive data on a corporate network, the situation is a bit different. It may be impractical to install and maintain monitoring software on each computer, and some central authority may want to determine what data should ...
Get Mac® Security Bible now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.