Risk Management
Code Green Networks provides solutions that help mitigate reputation, compliance and operational risk associated with the loss of customer data or confidential information.
Unauthorized disclosure of sensitive and proprietary information is a major issue that can potentially affect all three key corporate risk areas – reputation risk, compliance risk and operational risk. Organizations can lose hundreds of millions of dollars when sensitive, proprietary information is either maliciously or mistakenly posted to the Internet or emailed outside the organization.
Reputation Risk
In one of the most famous examples of reputation risk, ChoicePoint, a data brokerage company that sells information and data services to the insurance industry, government agencies, direct marketers, and other businesses leaked information in March 2004 on 145,000 U.S. citizens. This data breach resulted in $15 million in fines and significant loss in shareholder value.
Compliance Risk
In February 2005, the Palm Beach County Health department inadvertently emailed a confidential list of 4,500 AIDS patients and 2,000 HIV-positive patients to 800 employees in violation of the Health Insurance Portability and Accountability Act (HIPAA), and could result in significant financial penalties.
Operational Risk
In May 2004, Cisco had its proprietary IOS source code posted on a public website. Once proprietary code is exposed to attackers, it becomes considerably less secure and threatens a company’s competitive position.
Code Green Networks mitigates all three types of risk by establishing a layer of content protection around the organization. If someone transfers sensitive content via email or other Internet channel, it is automatically detected and appropriate policy actions taken. Incident records can be analyzed to reveal at-risk content and appropriate mitigation efforts taken to reduce future incidents – such as educating users or fixing a poorly designed business practice.
