An organization needs to make sure that sensitive data, such as company confidential information or data collected from customers, is not shared outside the internal network without a legitimate reason. Sometimes sensitive data is shared outside the company network on purpose because of insider threats, and sometimes it happens accidentally through employees who are unaware of the risk. A company needs to prevent its employees from sharing sensitive data, whether accidentally or on purpose. Data Loss Prevention is a solution or process used for that purpose.
What is Data Loss Prevention?
Data Loss Prevention, or DLP, is a strategy to make sure that end users do not send sensitive data or critical information outside the corporate network, intentionally or accidentally. Sensitive data may include confidential data like Intellectual Property, corporate data like financial documents, strategic planning documents and employee information, and customer data like Social Security Numbers, credit card numbers, medical records etc.
DLP can be used effectively to prevent insider threats as well as to comply with rigorous state privacy laws.
How is Data Loss Prevention done?
Data loss can be prevented in various ways. Standard security measures include firewalls, IDPS and anti-virus solutions. They are commercially available products that can prevent insider threats and outsider attacks.
Advanced measures may include using Machine Learning to detect and prevent abnormal access to sensitive data. Honeypots (see "What is a Honeypot?") and user activity monitoring solutions can also be used for that purpose.
Often, dedicated Data Loss Prevention systems are used to detect and prevent data loss. These DLP solutions use mechanisms like data matching, data fingerprinting, statistical methods etc. to prevent unauthorized sharing of sensitive data, whether done accidentally or purposefully.
Sensitive data can reside on various computing devices like physical servers, virtual servers, databases, file servers or endpoint devices like computers, POS devices etc. It can also move through various network access points like wireless, VPNs etc. Thus a variety of solutions can be used for data loss prevention, data leak prevention and data recovery.
A Data Loss Prevention solution can identify confidential data, track the data as it moves outside the enterprise network and prevent unauthorized disclosure using disclosure policies. It uses business rules to classify and protect sensitive data.
How does a Data Loss Prevention solution identify sensitive data?
A DLP solution first has to identify sensitive data in order to prevent data loss. This can be done using various techniques.
Sensitive data can be of two types: structured and unstructured. Structured data is data that exists in a specific format. Credit card data, Social Security Numbers, dates of birth, email addresses etc. are examples of structured sensitive data. Regular expressions can be used effectively to detect structured sensitive data. Data Loss Prevention solutions use a number of predefined policies whose rules identify structured sensitive data, and regular expressions are widely used for that purpose. Sometimes data is also matched against context so that its sensitivity can be judged more accurately. For example, if an employee from the payroll department looks into another employee's remuneration package, that is usual. But if someone from the sales department does the same, the DLP solution should be able to raise a flag and report it.
Unstructured data, on the other hand, does not have any specific format. Source code, media files etc. are examples of unstructured sensitive data. Without analyzing the contents, it is difficult to tell whether such data contains anything sensitive. Data Loss Prevention solutions often use fingerprinting for this purpose. Fingerprints of unstructured sensitive data are made using cryptographic hashes and saved in databases. Later, these fingerprints are used to identify sensitive data elsewhere.
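A sketch of fingerprinting for unstructured text, added here as an example and not taken from the original article or any DLP product. It goes beyond a single whole-file hash, which only matches exact copies: overlapping runs of normalized words are hashed with SHA-256 so a pasted excerpt with changed case or spacing still matches. The shingle length, threshold, document label and sample texts are assumptions.

```python
import hashlib
import re

# Constructed sample data: a protected design note and an outbound e-mail
# that quotes part of it with different case and spacing.
PROTECTED = ("The pricing engine multiplies the base rate by the regional factor "
             "and then subtracts the loyalty discount before tax is applied to "
             "the final invoice total")
OUTBOUND = ("FYI:\n  the PRICING engine multiplies the base rate by the regional "
            "factor and then subtracts the loyalty   discount. Thanks")


def shingle_hashes(text: str, k: int = 8) -> set:
    """SHA-256 of every run of k normalized words (k=8 is an assumed setting)."""
    words = re.findall(r"\w+", text.lower())
    if not words:
        return set()
    runs = [words[i:i + k] for i in range(max(1, len(words) - k + 1))]
    return {hashlib.sha256(" ".join(r).encode()).hexdigest() for r in runs}


class FingerprintStore:
    """In-memory stand-in for the fingerprint database."""

    def __init__(self):
        self.index = {}  # shingle hash -> labels of documents containing it

    def register(self, label: str, text: str) -> None:
        for h in shingle_hashes(text):
            self.index.setdefault(h, set()).add(label)

    def match(self, text: str, threshold: float = 0.3) -> dict:
        """Map label -> share of the text's shingles found in that document."""
        hashes = shingle_hashes(text)
        counts = {}
        for h in hashes:
            for label in self.index.get(h, ()):
                counts[label] = counts.get(label, 0) + 1
        return {label: n / len(hashes) for label, n in counts.items()
                if n / len(hashes) >= threshold}


def demo() -> dict:
    store = FingerprintStore()
    store.register("pricing-design-note", PROTECTED)
    return store.match(OUTBOUND)
```

Only the hashes are stored, so the fingerprint database does not itself hold a readable copy of the protected documents.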
Types of DLP Solutions
Data Loss Prevention solutions prevent data breaches by monitoring sensitive data while the data is in-use in endpoint devices, in-motion in network or at-rest in data storage.
Network Based Data Loss Prevention Solution
A DLP solution can prevent data loss for data in-motion by monitoring all traffic leaving the internal network. Monitored data may include all data transferred using multiple protocols like HTTP, FTP, IM, P2P, SMTP etc. For example, all files transferred outside the company network using FTP or all emails sent outside the enterprise network can be monitored.
Datacenter or Storage Based Data Loss Prevention Solution
A DLP solution can protect data at rest stored within an organization's datacenter infrastructure like file servers, SharePoint and databases. It can determine where the sensitive data resides and whether it is stored securely. Protecting data at-rest may involve methods such as access control, data encryption and data retention policies.
Endpoint Based Data Loss Prevention Solution
A Data Loss Prevention solution may also include an agent-based solution that sits on end user workstations and laptops and monitors data leaving the endpoint. It can control communication via email, instant messengers etc., control access to physical devices and block attempted transmission of sensitive data. These solutions must be installed on every endpoint device.
Data Loss Prevention Solution Vendors
There are quite a number of vendors that provide good Data Loss Prevention solutions. Some reputed ones are listed below:
- McAfee Total Protection for Data Loss Prevention
- Check Point Data Loss Prevention
- Digital Guardian Data Loss Prevention
- CA Data Protection
- Forcepoint DLP