So, you’ve decided to implement a Data Loss Prevention solution for your business... but you have no idea how it works. We can fix that.
(See our Part 1 and Part 2 of this series for information on why a data loss prevention plan is important).
First, we need to identify the three major categories of data for you:
1. Data in Motion: Any data that is moving throughout the network (especially from inside the network to outside the network via the internet)
2. Data at Rest: Data that is stored on file servers, databases, backup drives, mail servers, etc.
3. Data at the Endpoint: Data that resides on end-user devices such as workstations, laptops, tablets, Smartphones, external drives and other mobile devices.
It's important for you to understand... A good DLP solution with provide monitoring and protection for all three of these categories of data.
First, the solution must be able to monitor the network to ensure that “Data in Motion” is protected against unauthorized transfers. Examples include employees emailing sensitive files to themselves using public webmail services like Gmail, Yahoo, AOL, etc.
Second, the solution should be able to monitor all file storage locations (“Data at Rest”), and ensure users aren’t manipulating that data in a way that violates the DLP policy. As an example, preventing employees from copying data from a file share to a USB drive.
Finally, the solution should have an “agent” component that can be installed on end user devices, such as workstations and laptops to ensure that policies aren’t violated, even when those devices are outside of the corporate network.
For more information about implementing a DLP solution, or any of our other Cleveland IT services, please contact Brian Rosenfelt at Skoda Minotti Technology Partners at 440-449-6800.
(See our Part 1 and Part 2 of this series for information on why a data loss prevention plan is important).
First, we need to identify the three major categories of data for you:1. Data in Motion: Any data that is moving throughout the network (especially from inside the network to outside the network via the internet)
2. Data at Rest: Data that is stored on file servers, databases, backup drives, mail servers, etc.
3. Data at the Endpoint: Data that resides on end-user devices such as workstations, laptops, tablets, Smartphones, external drives and other mobile devices.
It's important for you to understand... A good DLP solution with provide monitoring and protection for all three of these categories of data.
First, the solution must be able to monitor the network to ensure that “Data in Motion” is protected against unauthorized transfers. Examples include employees emailing sensitive files to themselves using public webmail services like Gmail, Yahoo, AOL, etc.
Second, the solution should be able to monitor all file storage locations (“Data at Rest”), and ensure users aren’t manipulating that data in a way that violates the DLP policy. As an example, preventing employees from copying data from a file share to a USB drive.
Finally, the solution should have an “agent” component that can be installed on end user devices, such as workstations and laptops to ensure that policies aren’t violated, even when those devices are outside of the corporate network.
For more information about implementing a DLP solution, or any of our other Cleveland IT services, please contact Brian Rosenfelt at Skoda Minotti Technology Partners at 440-449-6800.
Powered by Compendium
Comments for Data Loss Prevention – Part 3 – How DLP Technologies Work