Paula Broadwell, the paramour and biographer of CIA director David Petraeus, was found with large amounts of classified government documents in her home and on her laptop. Could a military-grade Data Loss Prevention (DLP) solution have stopped this data breach from happening?

Not completely, but it certainly would have reduced the total amount of lost data. Depending on the specific DLP features available, her activity should have triggered advance warnings about what she was doing and give investigators a clear data trail to follow afterwards.

During the uncovering of Paula Broadwell's relationship with four-star general David Petraeus and then CIA director, FBI investigators discovered she had classified military materials in her home and on her laptop. According to various news reports, Petraeus and Broadwell have told investigators that Petraeus was not the source of the materials. Broadwell, a lieutenant colonel in the US Army reserves, had security clearance, but this did not include the right to have classified data in an unsecured location.

Investigators are inventorying the classified data – both printed and in electronic form – and analyzing how it traveled to Broadwell's suburban house. These are all questions that a DLP solution can answer: what data was taken, where did it come from, and how did it to its final destination.

In a nutshell, DLP works like a librarian; overseeing who is allowed in various library departments, monitoring individual activity, and controlling what data goes out of the building. Even if a person has top clearance, it is still important to know what they are doing. Data Loss Prevention (DLP) solutions like Safetica Endpoint Security DLP are designed to keep the good data inside a company. Additional features in Safetica DLP enable controls on printers, the use of portable memory devices, and the monitoring individual computer activities – features which might have been useful in the Broadwell case.

The Broadwell case is not an accidental leak nor is it the work of a malicious insider. It is best called an intentional leak – data gone AWOL, all with the best of intentions.

Author
Safetica team

Next articles

Microsoft Identity Platform: Introduction

Do you need a reliable identity management service for your application? Don't reinvent the wheel by coding your own. Try Microsoft Identity Platform. This article will introduce you to the service and give you information on how to start adopting it.

10+1 Tips to Secure Your Company’s Data on Business Trips

Do not forget about data security when you go on a business trip. Read our 10+1 tips and make sure your data and devices are safe.

Safetica picks up 9 badges in the G2 Fall 2022 Reports

We are proud to announce that Safetica received 9 badges in the G2 Fall 2022 Reports, earning 3 new badges over the summer reports.