DLP and how it work
What is DLP
DLP stands for “Data Loss Prevention.” It is a technology designed to protect data from being exposed to unauthorized users. As an example, you might have a Microsoft Word document containing Social Security Numbers or credit card numbers. DLP can be set to flag the document as containing “sensitive data” and you can choose to prevent the document from being printed or emailed outside of your network.
How does DLP work?
DLP is basically a list of rules that define what data can be considered “sensitive” and what actions can be performed on that data. In the example above, you might have a rule that prevents Social Security Numbers from being emailed outside of the network. When a rule is triggered, the software takes the appropriate action – in this case, preventing the document from being emailed.
What is DLP good for?
DLP is one of those tools that can be very helpful or it can be absolutely useless – depending on how you configure it. For example, if you set up a rule that says “Make sure that any file containing the word ‘Social Security Number’ is flagged as sensitive,” you will flag every single document on your network. It will be impossible to print, email, or share any document that contains the word “Social Security” in it. That would be very annoying!
Where DLP can be very helpful is in combination with other security technologies. For example, if you set up DLP rules that flag documents containing credit card numbers and you also set up rules that prevent users from downloading applications from the Internet, you can save yourself a lot of time and hassle.
How can DLP help?
DLP is a great tool for companies that have sensitive data to protect. It is particularly useful if you have a regulated industry – for example, a healthcare organization or a bank. Research has shown that most companies with electronic files containing sensitive data have had at least one incident where that data was compromised.
However, DLP is not a substitute for data backup. If a hacker breaks into your network and steals a file containing confidential data, DLP will not save you. In addition, DLP does not protect against data that is stored in a database or an application. To protect your data, you need to have data backup, file-level encryption, and DLP.
What is the problem with DLP?
The biggest problem with DLP is that it is not foolproof. For example, you can configure DLP to flag Social Security Numbers and credit cards. However, if you have a file containing Social Security Numbers and credit card numbers, DLP will not flag the file as containing sensitive data. This is because DLP can only flag files or emails if it detects the specific data you are trying to protect.
In addition, DLP is only useful if it is enabled. For example, many companies don’t enable DLP until a security breach occurs. However, if you wait until after a security breach, it is too late – the damage has already been done.
There are two ways to protect sensitive data – encryption and DLP. Encryption protects data from being read, but DLP protects the data from being exposed. Both are very important.