Understanding the Need for Data Loss Prevention ( DLP )
The inherent need for DLP can be easily understood when viewed in terms of Traditional Network Security (firewall for example) versus Data Security ( DLP ), or Inbound content security (like AntiVirus or AntiSpam) versus outbound ( DLP ).
To elaborate, a firewall or any other perimeter security device that protects our network from the outside only polices external connections, and regulates whether or not they are allowed access into our network. A firewall or IDS/IPS doesn’t look at what’s leaving the organization. Therefore, a firewall cannot monitor which emails are going out, the content within said emails, persons accessing their Gmail, or what’s being uploading to that personal account, among many other things. Such is the difference between traditional network security and Data Loss Prevention.
Not only do we need to keep the bad guys or bad content out, but we also need to ensure the good stuff stays in. A data breach is a classic example of the latter scenario. Content can leak from a hack or from malware that is leaking information out. It can also be accidental, such as an employee taking information home to work on it later. It can even can from a malicious insider, which could be a disgruntled employee leaking information to hurt your brand.
In the recent Target breach for instance, Target passed their PCI audit. However, PCI is only a list of basic security requirements, not a ‘best-practices’ for data security. Most of our assets are in the form of data or electronic information, and the job of Data Leakage Prevention or DLP is to prevent those electronic assets from leaking out. These assets might include Intellectual Property, Trade Secrets, Customer Lists, Customer Credit Card Information (Again Target and Neiman Marcus are examples), patient data (ePHI), medical records, etc.
An expertly deployed DLP solution can prevent data from leaking via; emails, web traffic such as Gmail or any other web mail, and from traveling endpoints like laptops from your mobile workforce. Additionally, there are ways to integrate DLP with encryption, so when you do need to send trade secrets out to valid business partners, you can seamlessly encrypt that data, ensuring it doesn’t get leaked or stolen or breached.
Get into contact with us;
*By Filling Out the Form Below