Data Loss Protection - Part 1 - What is Data Loss Prevention (DLP)?

Tuesday, December 20, 2011 by Brian Rosenfelt

In the world of information technology (IT), there are always a lot of buzz words and new terminology. From cloud computing to virtualization to social media to mobile apps, it’s a miracle small- and mid-sized businesses can stay on top of it all. 

And, there is a yet new term that you may not have heard of, but is a critically important concept to understand when it comes to the security of your network and your data: DATA LOSS PREVENTION (or DLP).

According to Wikipedia:

Data Loss Prevention (DLP) is a computer security term referring to systems that identify, monitor, and protect data in use (e.g. endpoint actions), data in motion (e.g. network actions), and data at rest (e.g. data storage) through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination and so on) and with a centralized management framework.

Data loss events continue to increase every year at businesses, large and small. Many of these events are caused by trusted employees who send sensitive data into untrusted zones, either intentionally or by accident. 

Some important questions you should ask your IT staff or your IT provider:

  • Do we have policies & procedures in place to ensure that our data isn’t “leaking” outside of our network?
  • Do we have technology in place to monitor these policies?
  • Do we have any way of preventing employees from taking corporate data or sending it to unauthorized parties?Does our “Data Loss Prevention” policy meet any compliance requirements we might have (HIPAA, GLBA, SOX, etc).
  • Do I know where my most confidential data is being held? 
  • Are we able to audit users’ access to our confidential data?

At the heart of Data Loss Prevention is understanding what the value of the data is to the organization and how everyone is responsible for ensuring its 'health and safety'. In essence, this can only be achieved through a comprehensive understanding of the risk facing your data, and educating the people who handle or access it. Mandatory training for all people who come into contact with it is a great first step. This may appear like a basic concept, but it is one that is often neglected. 

Click here for part 2 of this series, Choosing a DLP Solution.

For more information about network security, DLP or any of our other Cleveland IT services, please contact Skoda Minotti Technology Partners at 440-449-6800.

Comments for Data Loss Protection - Part 1 - What is Data Loss Prevention (DLP)?

Tuesday, December 27, 2011 by Consulting Sharepoint :
We have run into a few snags with data loss too using sharepoint. Im glad to see we aren't the only ones

http://www.affirmaconsulting.com/

Leave a comment





Captcha