General disaster: What could have prevented Paula

Paula Broadwell, the paramour and biographer of CIA director David Petraeus, was found with large amounts of classified government documents in her home and on her laptop. Could a military-grade Data Loss Prevention (DLP) solution have stopped this data breach from happening?

Not completely, but it certainly would have reduced the total amount of lost data. Depending on the specific DLP features available, her activity should have triggered advance warnings about what she was doing and give investigators a clear data trail to follow afterwards.

During the uncovering of Paula Broadwell's relationship with four-star general David Petraeus and then CIA director, FBI investigators discovered she had classified military materials in her home and on her laptop. According to various news reports, Petraeus and Broadwell have told investigators that Petraeus was not the source of the materials. Broadwell, a lieutenant colonel in the US Army reserves, had security clearance, but this did not include the right to have classified data in an unsecured location.

Investigators are inventorying the classified data – both printed and in electronic form – and analyzing how it traveled to Broadwell's suburban house. These are all questions that a DLP solution can answer: what data was taken, where did it come from, and how did it to its final destination.

In a nutshell, DLP works like a librarian; overseeing who is allowed in various library departments, monitoring individual activity, and controlling what data goes out of the building. Even if a person has top clearance, it is still important to know what they are doing. Data Loss Prevention (DLP) solutions like Safetica Endpoint Security DLP are designed to keep the good data inside a company. Additional features in Safetica DLP enable controls on printers, the use of portable memory devices, and the monitoring individual computer activities – features which might have been useful in the Broadwell case.

The Broadwell case is not an accidental leak nor is it the work of a malicious insider. It is best called an intentional leak – data gone AWOL, all with the best of intentions.