InsightaaS: UBM’s Dark Reading is one of the web’s best security information resources, connecting security professionals and information via ten communities that “drill deeper into the enterprise security challenge.” In this post, contributing writer Erica Chickowski provides an explanation of DLP – what it is, why it’s important, and how to overcome the obstacles that prevent firms from getting value out of their DLP investments. Chickowski provides detailed guidance on establishing a “risk-based DLP program” based on data classification and sound understandings of data locations and data flows to ensure that security resources are aligned with the most important business objectives. In an interesting twist, Chickowski positions DLP as “a technology of last resort…the thing that’s supposed to catch the mistake after you thought you’d done everything right.”
From Wikileaks to the NSA Prism surveillance scandal, organizations are seeing firsthand that employees and contractors can do real damage if they steal or
leak sensitive data.
Malicious data leaks are less common than attacks by outside hackers, but an internal leak can be much more damaging because insiders know the systems they’re stealing from and are less likely to be detected.
Data-leak prevention (DLP) software and services are designed to help prevent such leaks. These content-aware filtering technologies monitor content on the endpoint, in the network, and within storage in an effort to detect and block actions involving sensitive data that might violate company data use policies.
Based on advanced technology that includes content registration and filtering of very sensitive data, as well as filtering based on keywords, lexicon, metadata tags, and machine-learning statistical analysis, DLP can go a long way to preventing sensitive data from being exposed where it shouldn’t.
But many organizations are still struggling to find the best way to implement DLP…