Gartner assigns Data Loss Prevention (DLP) as the fastest growing security segment, with an annual growth rate of 18.9 percent through 2018. Driving this growth is the mind-boggling amount of electronic data that is accumulating year over year.
Research firm IDC says by 2020, the data we collectively create annually will reach 44 zettabytes, or 44 trillion gigabytes. Add in recent increases in the portability of data and employee mobility, and the potential for data loss escalates further.
When it comes to data loss, what’s at stake for a business? In a word—everything.
The potential damage to a company from a data breach can be catastrophic (hello Sony Pictures), ranging from loss of intellectual property, to decreases in sales and market share and a potentially fatal blow to an organization’s reputation. In addition, expensive lawsuits and costly penalties for failing to comply with strict data protection regulations are also on the rise.
Industry analysts have struggled to put a number on the actual cost of data loss, with estimates ranging anywhere from $0.58 to $201 per record. Regardless of the exact costs, what can organizations do to protect themselves, their customers and their stakeholders? Here are four essential steps to effective DLP:
What’s at risk?
When protecting against potential data loss, it’s important to first understand what’s at risk. For any business, the data threat generally falls into three primary categories: intellectual property (e.g., product designs, source code, process documentation, etc.), enterprise information (strategic plans, financial reports, employee data, etc.) and customer information (payment card numbers, individual details, banking information, etc.). Obviously, such information falling into the wrong hands would be disastrous for any business.
Start by getting your arms around your data — inventorying, categorizing and prioritizing. Map out your information assets and understand all the steps that go into how they are built, stored, managed and protected.
How do data breaches happen?
It’s helpful to assign categories to potential data loss culprits. Categories might include employees (or other insiders) who accidentally lose data, employees who deliberately leak data and external attackers who target your company or specific data silos.
While malicious international hackers and saboteurs get the headlines, much more common (and preventable) breaches occur though the actions of careless or distracted employees who manage or interact with confidential information. A misplaced smartphone with no password or tracking ability, a dropped unencrypted USB drive or a simple click on a fraudulent link on an unprotected PC/laptop are a few simple examples of how data can be leaked accidentally.
Start within the organization
Since employees are often the root cause of data leakage, rigorous information management safety training is an easy-to-implement first step towards preventing data loss. Of course, training should be tied to set policies and procedures that dictate who has access to what information, and clear instructions and rules on how it should be handled.
Also, put as many automated tools in place within your organization to set DLP policy centrally, and perform enforcement automatically rather than leaving the task to the “good” judgment of individual employees. Policy enforcement and scope depends on the nature of the data, the size and distribution of the company enterprise, and the degree of risk associated to the internal and external threats.
Know your DLP options
Companies should understand and consider the following types of DLP coverage:
• Endpoint-Based DLP monitors individual endpoints and devices, such as desktops, laptops, smartphones and tablets, to discover and prevent data leakage. Activities such as outgoing emails and print commands can be reviewed for discrepancies. The advantage with this approach is that it is centrally managed and policy driven, and prevents data loss at the PC/endpoint level, even if the data never reaches the Internet. The disadvantage is that it must be deployed on all corporate PCs and laptops to ensure maximum protection of corporate data.
• Network-Based DLP is installed at the perimeter of business networks; it analyzes network traffic to pinpoint critical data that flows out of the company’s internal network to the Internet. If predefined information disclosure policies are violated, the source of such leakage is flagged. The advantage of this approach is that it is centrally managed and policy driven. The disadvantage is that it cannot prevent data loss at the PC/endpoint, for example via USB drives.
• Storage-Based DLP protects the storage location of confidential data. Unsafe storage is often caused by improper data retention policies, so these solutions can do far more than just protect critical data from leaking.
• Content-Aware DLP enforces company policies based on the content and classification of crucial data. If a predefined keyword or file type is detected to be leaving the organization, a flag is raised, allowing a business enterprise to prevent accidental or deliberate leakage of data. All of the above three approaches need to incorporate content-aware DLP.
• DLP Basics: In addition to the above, DLP tools should eliminate the threat of security leakage through rogue apps and malicious software, scan installed programs and devices for security holes or blind spots, and prevent targeted attacks through malware or other malicious techniques.
Because all of these capabilities have become essential for businesses today, it’s easy to understand not only why DLP is on fire as a security segment, but also why it’s critical to put a DLP solution in place earlier rather than later.
Finding the right approach to DLP for your organization is what’s key. Do your homework and make sure the approach you select reinforces your company’s information security policies.
(About the author: Farokh Karani is a director at Quick Heal Technologies, a leading global provider of IT security solutions which are sold in North America exclusively through channel partners.)
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access