SECURITY: dlp
Data loss prevention (DLP) software and hardware is used to keep an organization’s sensitive data safe, both inside and outside the office. DLP solutions ensure key information is not leaked, stolen, potentially exploited or otherwise accessed by wrong people.
In most cases, this is Payment Card Information (PCI), Personally Identifiable Information (PII) or Protected Health Information (PHI), but DLP tools are often employed to protect Intellectual Property (IP), trade secrets, client lists, or other data that would cause risk to an organization’s financial health, competitive market position or brand image.
Any information that is regulated, confidential or designated as business critical is classified and carefully tracked – “at rest”, “in use” and “in motion”. Based on an enforced policy, this data cannot be exposed or shared in any manner that might prove to be detrimental. This means monitoring all activity, including email, instant messaging, file transfers (local, network and internet), mobile device usage and printing. The information at rest, residing within servers on premise or in the cloud must also be watched closely.
DLP will provide full visibility into the movement of sensitive data and enforce security rules to prevent inadvertent or accidental leaks of this information outside authorized channels.
Not Limited to the Enterprise
While initially targeted for larger organizations, DLP has now become a necessity for businesses of all sizes. This includes midmarket and SMB, where smaller companies are increasingly at risk of new, digital hunting & gathering techniques that leverage autonomous utilities to continuously search for vulnerable servers, both on premise in the cloud, that can be breached and compromised. The same is true for mass phishing campaigns that utilize a small amount of familiar publicly searchable information for social engineering tricks. Many of these automated seek and steal operations have no real preference as to the source or location of the sensitive data that is captured.
Gartner has predicted that at least one form of DLP will be implemented in in 90% of all organizations by 2021. This is a universal requirement, and no company is immune or off the radar.
The good news is that new products have recently emerged products from DLP vendors that are designed and priced for smaller companies. Combining these new SMB SaaS packages with the offerings from the traditional players, we can new see a set of effective DLP solutions that scale from large Enterprise down to organizations of less than 50 employees.
Key DLP Solution Requirements
Documents (all types) – Email – Messaging / Chat – Printing – File Transfer
- Fully visibility and auditing of data manipulation and movement
- Immediate, real-time alerts of any policy violations
- Proactive reinforcement and education of users when handing sensitive information
- Scheduled, automated reporting with comprehensive analysis
Additional Feature – Benefit: Productivity Monitoring
While addressing key need to protect sensitive data, a good DLP product provides valuable insight into overall behavior and activity of all employees each day.
The same reports that show how information travels through an organization will deliver granular details regarding staff work habits, revealing exact how much time a user invests for each task on their workstations, laptops or tablets.
Activity for commonly used programs is tracked as well as idle or down time, and these statics can be aggregated and sorted in order to measure relative productivity of employees.