Tarikh/Tempoh : November 2018 hingga April 2019
Kerjasama Industri : Evault Technologies Sdn Bhd
Kerjasama Agensi : –
Perkhidmatan : PoC produk SecureMi di MAMPU bagi skop Mail Transfer Agent (MTA) dan Endpoint Filtering bagi mengesan kemungkinan berlakunya insiden kebocoran maklumat terperingkat kerajaan
Background
Official Information and Government Official Information that is used in the ICT environment is vulnerable to the risk of leakage of information, to persons who are not authorised to either intentional or otherwise. Through Technology Update of SecureMi Data Leakage Protection (DLP) product from Evault Technologies Sdn. Bhd. (Evault) chaired by MAMPU ICT Deputy Director General on 23 January 2018, agreed that SecureMi’s Proof-of-Concept (PoC) will be implemented at MAMPU for the scope of Official E-mail (MyGovUC), Digital Document Management System (DDMS) and Meeting Management System (MyMesyuarat) for a period of three (3) to six (6) months of implementation.
PoC SecureMi at MAMPU is coordinated by the ICT Consultation Division (BPI), involving the ICT Infrastructure and Security Services Division Division (BPG) for MyGovUC scope and Application Development Division (BPA) for the scope of DDMS and MyMesyuarat.
The main objective of PoC SecureMi’s implementation is to identify, monitor and track the possibility of classified information leakage incident, official secret information and government official information for the proposed Electronic Data Leakage Protection solution/DLP by monitoring three (3) data states as follows:
(a) Data-in-use;
(b) Data-in-storage; and
(c) Data-in-motion.
PoC current testing scenarios will involve:
(a) Removable Storage Device;
(b) Clipboard;
(c) E-mail;
(d) Print Screen;
(e) Printer;
(f) Internet; and
(g) Data Discovery.
Impact
Among the benefits and impact of this programme are as follows:
(a) Citizens: enhancing the level of public/citizen’s confidence with the government/agency electronic information protection security controls.
(b) Government: protecting and preventing the leakage of government electronic information from acts of intentional or inappropriate conduct.
(c) Agency: reducing the cost of investigating incident leakages and agency reputation costs in the event of incidents of leakage of information. In addition, it can facilitate early detection of risky activities and enable immediate mitigation actions.
Updated 01.07.2019