In our last blog article, entitled What is Data Loss Prevention (DLP), we discussed the definition of DLP and why it’s important to understand. Your data is your company’s most valuable asset – and ensuring that the data is protected against “internal” threats is just as important as securing it against outside threats.
For most companies, data loss is largely attributed to employees. According to a recent Gartner report:
- 1 in every 400 messages contains confidential data
- 1 in every 50 network files is wrongly exposed
- 4 out of 5 companies have lost data on laptops
- Half of all companies have lost data on USB drives
- More than 52% of CIO’s (Chief Information Officers) believe data leakage is a top priority in their security spending.
It’s important to not wait until a breach occurs to implement a data leakage solutions. Without a comprehensive security structure to your network, you may not even know if a security breach occurs.
Here are a few tips of things to look for in a DLP solution:
Can the product search for data without any endpoint agents installed, or can it be as thorough as it can with these agents installed?
Can the DLP agents accomplish other security-related things on the endpoints? Some vendors can turn off USB connectors to block someone with a thumb drive from walking away with all of your customer data in their pocket. Others can control which applications can and can't be run on your workstations, laptops or even tablets.
What protocols can be blocked or analyzed? Just protocols involving e-mail (SMTP, POP and IMAP)? What about file transfer technologies or instant messaging?
How hard is it to create – and then change – the DLP rules? A DLP tool is only as good as its ability to have rules updated easily over time. Can your IT staff (or outsourced provider) easily update rules as new threats are identified or company policies updated?
What happens when a rule is broken? Can you figure out who violated the policy, where the offending information is stored, and what kinds of automated responses can be sent? Does the product come with pre-defined templates to make all of this easier?
Is the content analysis portion a separate or integrated piece of the product? In some cases, such as McAfee's DLP solution, you are going to need several different products to be installed to enable a complete solution.
What kinds of reports are available, and are they easy to understand? Does the product offer any real-time reporting capabilities, and how flexible are these reports?
Be sure to ask your security provider about DLP, and be sure to discuss the items mentioned above.
For more information about DLP or choosing a DLP vendor, or any of our other Cleveland IT services, please contact Brian Rosenfelt at Skoda Minotti Technology Partners at 440-449-6800.
Powered by Compendium
Comments for Data Loss Prevention – Part 2 – Choosing a DLP Solution