What is Passive Information Leakage?
Passive information leakage is the process by which websites can monitor and analyze user behavior to reveal the confidential plans and interests of the business.
Preventing Passive Information Leakage
Passive information leakage (PIL) is a common form of data loss and standard Data Loss Prevention (DLP) systems do nothing to stop it. DLP systems are focused on preventing sensitive documents and particular data from being sent outside the business without authorization. Companies lose confidential information every day without anything being explicitly sent.
The problem is that user behavior patterns contain this sensitive information. Every website visited, document downloaded, and link clicked leaves a trace visible to the website. Businesses can easily connect user and company identity to that activity, revealing much more than one might think. We call this Passive information leakage.
New product plans and timing are visible to competitors simply by watching which pages executives, developers, and marketers visit.
M&A activity is telegraphed by the activity of executives with associated lawyers and investment bankers.
Passages protects against PIL by preventing websites from identifying and tracking visitors. Because they can’t build behavior profiles they can’t discover plans or interests.
Passages provides this protection in two ways:
First, the Passages Virtual Machine automatically destroys all tracking information a website might try to attach to users. Even sophisticated techniques like super cookies, and browser fingerprinting are foiled by our absolutely clean browser environment.
Second, the Passages Geo Pools hide the user’s IP address. All traffic in or out of Passages comes from an IP address outside of the customer’s business network. The IP is shared by an enormous number of other users so it is impossible to associate any activity with any particular individual or organization.
Learn more about passive information leakage in our multi-part blog article.