DLP – Data Loss Prevention
What is “DLP” or “Data Loss Prevention”
One of the most important and valuable assets a company possesses is the information. This has become clear over the years based on the attacks by malicious parties and actors to steal that information, render it unusable, and make it unavailable. Client/patient information, financial information, intellectual property, company communications, and other sensitive information is the target of the bad actors. This information can be precariously made public, held for ransom, and used by competitors and nation states.
Many safeguards are implemented to prevent this sort of attack, but what addresses the unauthorized movement of that sensitive information from the inside out? Another factor to consider is the intent. Often, the movement of information from the inside out is not malicious. Some examples of how information is leaked includes:
- Email Attachments
- Cloud File Sharing
- Social Media
How can this data loss be prevented?
Some of the common utilities used to stop the leaking of information includes:
- Email Scanning – Email scanners monitor and detect the outbound transmission of sensitive data by using parameters to discover information contained in emails that includes Protected Health Information, Personally Identifiable Information, Protected Financial Information, and Intellectual Property. Once discovered, the Email will be intercepted, and specific authorization will have to be provided to complete the transmission.
- Web Filtering – This may be the most critical of the DLP options. Web filtering, when implemented, can prevent users from accessing sites that allow for file sharing. These include cloud storage and social media. Once information is sent to one of these sites, it is exceedingly difficult, if not impossible, to track access. When configured appropriately, web filtering will prevent the outbound transmission of information by restricting the sites a user may visit while web browsing.
A full DLP suite will accomplish both tasks. Additionally, the DLP solution will report on events and provide a mechanism for escalation and a web portal to retrieve attachments.
In some form, organizations should consider implementing one or more of the DLP components to prevent the leakage of this critical asset.