DLP: What Is It and Why You Need It

What Is DLP?

Data Loss Prevention (DLP) refers to strategies and tools used to prevent the loss or leakage of data. DLP includes endpoint management, such as managing who has access to data and what they’re allowed to do with that access and protecting data in-transit. The number and type of protections implemented by a DLP strategy are informed by the priority of your data and the regulatory requirements you face.

There are four main areas that DLP solutions are applied to:

• Network-based — protect data in motion by analyzing the network traffic that crosses network boundaries, such as emails and instant messages, social media interactions, web applications, and SSL traffic. This involves blocking specific traffic and ensuring that data is properly encrypted.
• Storage-based — protect data at rest, like file servers and databases, by evaluating the security of locations where confidential data is stored. This involves setting appropriate access permissions and encrypting data.
• Endpoint-based — monitor the transfer of data, such as printing, saving to external storage, sharing through social media, etc., and either log, alert to, or block activities defined by security as possibly harmful. This involves setting appropriate access policies based on the endpoint type and using strong authentication methods.
• Content-aware — enable the enforcement of security policies through monitoring, blocking, or remediation according to content type or classification. This involves setting access and encryption policies according to data priority and limiting availability through the use of tiering or data segregation.

Sources of Data Loss

Data loss falls into two categories: accidental and intentional. Accidental loss occurs primarily due to human error, such as sharing a file to the incorrect person or inadvertently editing the wrong file, and systems failure, such as a third-party application exposing data through an unknown vulnerability or a power surge that damaged a server. Although this type of loss occurs without malicious intent, it still creates liability and can result in regulatory sanctions, fines, and loss of customer trust.

Intentional loss occurs due to the actions of malicious parties, either internal or external. Employees, contractors, or even clients can purposely share data with outside sources if they feel they have been wrongly treated or if there are sufficient motivations for personal gain, such as payouts from third-parties. Frequently, this type of loss occurs through hard copies of data, such as printouts or photographs, or through removable media like USB drives. Attacks through malware, compromised credentials, or phishing techniques can occur despite secure internal relationships when attackers target vulnerabilities in your configuration, those present in third-party integrations, or in human nature. Such attacks can be directed at you or at third-parties with whom you entrust your data.

Why You Need a DLP Solution

It doesn’t make sense to leave your data vulnerable when you can take relatively easy steps to protect it. If this isn’t enough reason for you though, here are some specific reasons to implement a DLP solution.

Increasing Value of Data

Modern businesses rely on data more than ever before, and the amount they produce and control has grown accordingly. This data is often one of the most valuable assets an organization has, making it a tempting target for thieves. The rising financial benefit from stealing data has driven criminal innovation, and the number of attacks attempted has increased.

Gaps Created by BYOD

Employees are increasingly using their own devices for work purposes, such as checking emails from their smartphones or working remotely on personal laptops. These devices can grant employees increased productivity but typically introduce vulnerabilities due to the limitations of security professionals to enforce protocols. The software on personal devices is often out of date or set with data sharing policies that are too liberal and greater use of third-party applications means additional routes of entry to data.

Cloud-Based Services

More and more organizations are moving to cloud-based platforms, which can mean greater security for small organizations lacking dedicated security professionals. However, it often means increased complexity and decreased control for established teams. The nature of cloud services means additional routes of access to data that needs to be protected and a reliance on the provider and other cloud customers, who share the same resources and services as you, to manage security appropriately. A further complication is added when employees use personal cloud storage or cloud-based services during their workday, as security teams may be unaware of their use and unable to protect them properly.

Loss of Revenue and Financial Penalties

When a data breach occurs, it often requires alerting customers and other invested parties, lowering the reputation of a company, and leading to a loss of customers. Even if lost data doesn’t result in a privacy breach, it can decrease the competitiveness of a business when it involves proprietary information or trade secrets, causing a decrease in revenue or an increase in supply costs.

A well organized DLP strategy will help you ensure compliance with regulatory standards and avoid the fines and penalties that come with breaking them. It can make adjusting to regulatory changes simpler by clearly outlining current vulnerabilities and measures taken, and simplifying the identification of areas needing modification. A good strategy will include consistent logging and verification of security systems, making compliance audits, whether official or not, simpler and faster.