Develop and Deploy Data Loss Prevention

7 Steps to Develop and Deploy Data Loss Prevention Strategy

Reading Time: 3 minutes

It is not that only large enterprise should worry about Data Loss Prevention (DLP), because now even small companies are also the target for hackers. Having a DLP in place is necessary, because it prevents data leaks that can cause damage.

Hacker combat aims to guide the users on what’s new in DLP systems, including cloud access security brokers.

For every company, DLP is a major concern. Earlier the focus was to secure the physical documents, which can be easily stolen by the criminals during transit.

The growth of the Internet has increased the magnitude and with that, it has increased the chances of data theft. In short, multiple exfiltration channels have made the job of the cyber criminals easier.

DLP is known for an enormous multi-year undertaking. The program can be a manageable, progressive process, if organizations focus on a progressive approach. According to Anton Chuvakin, a member of the Gartner Blog Network, (March 15, 2013) “Deployment of a DLP tool should go from one tactical success to another, to avoid outright failure due to the complexity and organizational politics.”

This list provides general guidelines that your DLP strategy should follow. Bear in mind that there are a number of fundamental activities that must occur when initiating DLP software. It is all about choosing the right DLP solution for your organization.

1. Set Your Data Priority

The initial phase in any DLP program is to figure out which data would cause the most serious issue if it gets stolen. Manufacturing companies will prioritize their intellectual property, design document, and blueprints for future projects. Financial service and retailers will prioritize Payment Card Industry (PCI) information dearly. Those in the healthcare sector will obviously put their Medical records on priority. To sum it all, DLP should start with protecting the most valuable data that is most likely to be on the attackers’ list.

2. Classify the Data or Categorize

A formidable challenge in DLP is to classify data by context; associating with the source application, data store, or the user who created the data. Applying classification tags allows organizations to track their use. Content inspection is also useful and often comes with pre-configured rules for PCI, Personally Identifiable Information (PII), and other standards.

3. Know What Data Is at Risk

The type of data, encryption, and security controls may provide security when data is at rest, behind a firewall. Data that is shared with partners, customers, and the supply chain, pose a different risk. In these cases, it is often at the highest risk at the moment of use on endpoints. A robust DLP implementation must account for the mobility of data and the moments when data is put at risk.

4. Monitor All Data Movement

Identify and understand how data is used. Not all data movement represents data loss, but some actions can increase the risk of data loss. Organizations should monitor all data movement and keep their sensitive data safe and determine the scope of the issues that the DLP strategy must take care of.

5. Develop Controls

The next step for effective DLP is to work with business managers to understand and create controls for reducing data risk. Monitoring will give you an idea of how data is put at risk. Data usage controls may be the simplest form of a DLP initiative while generating support from line managers. As the DLP program matures, organizations can develop better methods to mitigate specific risks.

6. Educate Employees and Provide Guidance

User training has often proven to mitigate the risk of accidental data loss by insiders. Organizations should continuously educate employees on how their actions can result in data loss. Advanced DLP solutions can assist employees by prompting them of data use that may violate company policy.

7. Get in Control

Chalking out which data is important and getting control of it is the most important first step in DLP, but not the last. DLP is an ongoing process and starting with a focused effort. DLP is simpler to implement and manage, and if implemented properly it will also provide lessons on how to expand the program. Over time, you will be able to keep all the sensitive information secured, with minimal disruption to business processes.

About the Author

William Harvey is a technical blog writer who works in Hacker Combat. He writes about information security, focusing on web security, operating system security, and endpoint protection systems.




Editor's Note:
Reviewed by Dawie Wentzel, Head of Cyber Forensic Investigations at Absa Group Ltd and Vito Sardanopoli, Appointed Task Force Member at the U.S. Department of Health and Human Services (HHS)
get certified from ec-council
Write for Us