Vontu Offers Federal Risk Assessment Program for Compliance With White House OMB Requirement to Take Action on Data Security Within 45 Days
Share:
Data Loss Prevention Program Meets Office of Management and Budget (OMB), National Institute of Standards and Technology (NIST) and Department of Homeland Security (DHS) Standards
SAN FRANCISCO, July 7 // -- Vontu, Inc., the leader in Data Loss Prevention solutions, today announced a Federal Risk Assessment Program to help government agencies respond to White House guidance on protecting sensitive information stored on laptops and in other remote locations. Based on the NIST Special Publication 800-53 risk assessment requirements, the Vontu risk assessment program helps federal agencies uncover areas of risk and eliminate the loss of Personally Identifiable Information (PII) and other sensitive data.
In light of the recent data theft disclosures at several government agencies, the White House Office of Management and Budget (OMB) issued a directive June 23, 2006, requiring all heads of federal departments and agencies to implement specific measures to safeguard sensitive information at remote locations, such as laptop computers and mobile devices, within 45 days (August 7, 2006). The directive is based on a checklist of data security requirements published in NIST Special Publication 800-53. Additional details on the memorandum can be found at: http://www.whitehouse.gov/omb/memoranda/fy2006/m06-16.pdf.
The Vontu Federal Risk Assessment Program enables government agencies to measure their level of data loss risk resulting from un-encrypted sensitive data that may be exposed in three key areas:
o On laptops or desktops that could be lost or stolen
o On open file shares and servers
o Exiting the network via email, Web mail, instant messaging, file transfers or other Internet protocols
"The most pragmatic way to comply with the 45-day OMB mandate is to assess your risk of confidential data exposure," said Steve Roop, vice president of marketing at Vontu. "Our onsite risk assessment can quantify your risk within 48 hours, providing statistics on actual network traffic and exposed files. We developed our Data Loss Risk Assessment methodology based on the NIST 800-53 risk assessment standards. The program helps federal agencies meet the White House and DHS requirements by providing insight into where confidential data is stored and where it is going, which is the first step toward significantly reducing the risk of data loss."
Department of Homeland Security Launches National Infrastructure Protection Plan
In further actions on data security at federal agencies, on June 30, 2006, the Department of Homeland Security announced its National Infrastructure Protection Plan (NIPP). According to the DHS, the NIPP "provides the coordinated approach that will be used to establish national priorities, goals, and requirements for critical infrastructure and key resources (CI/KR) protection so that Federal funding and resources are applied in the most effective manner to reduce vulnerability, deter threats, and minimize the consequences of attacks and other incidents." For more information on the NIPP, please go to: www.dhs.gov/nipp .
Both the OMB/NIST guidelines and the NIPP require that federal agencies assess their risk of confidential data loss. The OMB/NIST guidelines call for departments to identify personally identifiable information (PII) and conduct a risk assessment. The NIPP directs agencies to "aggregate and analyze risk assessment results to develop a comprehensive picture of asset, system, and network risk, establish priorities based on risk, and determine protection and business continuity initiatives that provide the greatest mitigation of risk."
Vontu Risk Assessment Program for the Federal Government
Vontu offers a 48-hour Risk Assessment that allows government organizations to quantify and qualify their risk of data loss by scanning data at rest and monitoring data in motion for policy violations and data loss incidents. The result is a risk assessment report that quantifies data loss frequency, severity, and risk by data type, user, department, policy and regulation, as well as an industry benchmark comparison and compliance scorecard.
For more information on the Vontu Risk Assessment Program for the Federal Government, please contact a Vontu representative at 415-364-8167. A white paper entitled "Vontu Data Loss Prevention Solution Allows Federal Agencies to Demonstrate White House OMB and NIST Compliance" is available at: www.vontu.com/offers/OMB_compliance.asp .
About Vontu
Vontu is the leading provider of Data Loss Prevention solutions for both data at rest and data in motion. Vontu allows organizations to discover and protect exposed confidential information, monitor all network traffic, block select email, FTP and web communications, and automatically enforce data loss prevention policies. By reducing the frequency and severity of both inadvertent and malicious data loss incidents, Vontu helps organizations ensure public confidence, reduce compliance risk and protect competitive advantage. Vontu customers include Fortune 500 companies in financial services, insurance, high technology, retail, telecommunications, manufacturing, media, and healthcare, as well as state and federal government agencies. Vontu has received numerous awards, including SC Magazine's 2006 U.S. Excellence Award for "Best Enterprise Security Solution" and Global Award for "Best New Security Solution," as well as IDG's InfoWorld 2006 Technology of the Year Award for "Best Insider Threat Defense." For more information, please visit www.vontu.com/ .
Source: Vontu, Inc.
CONTACT: Erin O'Keeffe of Horn Group, +1-415-905-4005, or eokeeffe@horngroup.com, for Vontu
Web site: www.vontu.com/
