Data Loss Prevention

• DLP offers filters to monitor and block sensitive file attachments, file uploads to online applications, copy&paste, document printing, etc., and the tools to analyze who transferred what and when. The objective is not to completely block the access to websites or the use of applications that help employees in daily tasks, but to prevent leakage of confidential data that could occur through these tools – e-mail, instant messaging, cloud storage apps, portable storage devices, etc. There are, though, DLP solutions that offer this type of capability as well, but the software that is specialized in blocking the navigation on specific websites and web pages is called Web Filtering and it is usually part of UTM solutions

• Yes. Since DLP fits in all company sizes, enterprises can import their AD structure and build policies on users, computers, and groups and assign special rights for each entity. This helps IT Administrators to have granular policies and make the most out of the DLP software, adapting it to the company structure.

While there are DLP tools that offer visibility in what users are downloading, it is not usual for DLP to do so. This is mainly because the purpose of the solution is to prevent sensitive data from going out of the company network, not to control what comes in. Data leakages happen usually when unauthorized employees send confidential files to malicious people, or to their personal e-mail addresses, to the cloud, etc where the control of the IT department is limited. Downloading can be also harmful from another point of view, especially because of potential malware, but this is another topic.

1. You aren’t sure where your company’s confidential data is being stored, where it’s being sent, and who is accessing it.
   DLP technology provides IT and security staff with a 360-degree view of the location, flow, and usage of data across the enterprise. It checks network actions against your organization’s security policies, it and allows you to protect and control sensitive data, including customer information, personally identifiable information (PII), financial data, and intellectual property. With a thorough understanding of this data, your organization can set the appropriate policies to protect it and make risk-prioritized decisions about what assets need to be protected and at what cost.

1. Your company has a plan for protecting data from external intruders but does not protect against theft and accidental disclosure of sensitive information by employees and partners.
   Not all data loss is the result of external, malicious attacks. The inadvertent disclosure or mishandling of confidential data by internal employees is a significant factor. According to Verizon’s 2018 Data Breach Investigations Report, 28 percent of attacks involved insiders. The insider threat can be particularly difficult to guard against—it’s hard to spot if someone is using their legitimate access to data for nefarious purposes. DLP can detect files that contain confidential information and prevent them from leaving via the network. It can block sensitive data transfers to Universal Serial Bus (USB) drives and other removable media and offers the ability to apply policies that safeguard data on a case-by-case basis. For example, if a security event is detected, access to a specific endpoint can be blocked instantly. Policies can also quarantine or encrypt data in real-time response to events.

1. You are concerned about the liability, negative exposure, fines, and lost revenue associated with data breaches.
   Data breaches have been making headlines with alarming frequency. They can wreak havoc on an organization’s bottom line through fines, bad publicity, loss of strategic customers, and legal action. According to the Ponemon Institute's 2017 Cost of Data Breach Study, the meantime to identify (MTTI) breaches has reached an average of 191 days, which translates into over six months of dwell time for attackers. Dwell time enables lateral movement — the key to increasing hackers’ chances of success.

1. You are concerned about your next audit and want to maintain compliance with complex regulations.
   Requirements such as the GDPR and NY Cybersecurity Requirements are ushering in a new era of accountability, in which every regulated organization that collects, stores, and uses sensitive customer data needs to raise the bar to meet new standards. Consequences for non-compliance can include fines of up to four percent of annual worldwide turnover, and instructions to cease processing. Technology controls are becoming necessary to achieve compliance in certain areas. DLP provides these controls, as well as policy templates and maps that address specific requirements, automate compliance, and enable the collection and reporting of metrics.

1. You need to protect data against security threats caused by BYOD and IoT.
   When used in conjunction with complementary controls, DLP helps to prevent the accidental exposure of confidential information across all devices. Wherever data lives, in transit on the network, at rest in storage, or in use, DLP can monitor it and significantly reduce the risk of data loss.

1. You would like to monitor your organization for inappropriate employee conduct and maintain forensic data of security events as evidence.
   Insiders represent a significant risk to data security. An employee who emails a work-related document to his personal account in order to work over the weekend may have good intentions. However, he or she poses a tremendous threat when there is confidential data involved. DLP technology offers 360-degree monitoring that includes email (both corporate accounts and webmail), instant messages, keystrokes typed, documents accessed and applications used. It also allows you to capture and archive evidence of incidents for forensic analysis. With DLP, you can limit and filter Web surfing, and control which applications employees can access. It is an invaluable tool in the effort to stop dangerous or time-wasting activities and helps to detect problems before they can damage your business.

1. You are uncertain of your organization’s level of protection for confidential data in cloud applications and storage.
   Data is increasingly being moved to applications in the cloud—an environment in which it is not apparent where data will be physically stored and processed. DLP recognizes confidential data, ensures that it does not make its way into the cloud without being encrypted, and is only sent to authorized cloud applications. Most cloud DLP solutions remove or alter classified or sensitive data before files are shared to the cloud to ensure that the data is protected when in transit and in cloud storage.

1. Your organization would like to proactively prevent the misuse of data at endpoints, both on and off the corporate network.
   DLP technology monitors all endpoint activity, on the corporate network or off. It can block emails or attachments containing confidential data, enforce policies on the transfer of data to removable media devices such as USB thumb drives, and even prevent activities such as printing, copying, and pasting. DLP offers complete data visibility and control, ensuring that employees, third-party vendors, contractors, and partners are prevented from leaking your data—intentionally or inadvertently.

1. You would like to automate corporate governance as a means of improving compliance while saving time and resources.
   DLP capabilities for the enforcement and automation of corporate policies and processes can help improve technical and organizational efficiencies, promote compliance, and provide methods for more comprehensive information governance. DLP provides up-to-date policy templates and maps that address specific requirements, automate compliance, and enable the collection and reporting of metrics. When a policy need is identified, DLP can make the change as simple as enabling an appropriate policy template on your system.

1. You would like to gain a competitive advantage, in both brand value and reputation.
   When organizations fail to take the necessary steps to identify sensitive data and protect it from loss or misuse, they are risking their ability to compete. Companies that get data protection and privacy right can enhance their brand reputation and resilience going forward. Those that get it wrong are likely to end up in the financial, reputational, and legal line of fire. DLP facilitates the protection of critical data and helps to prevent the negative publicity and loss of revenue that inevitably follow data breaches.