Data Loss Prevention (DPL): Make It Work

 

Data Loss Prevention (DPL): Make It Work

 

Like leg warmers in decades past, the term Data Loss Prevention (DLP) is back. But unlike leg warmers, the DLP is really cool; increasingly sophisticated and something, in the style of Tim Gunn, companies will want to make it work.

As its name implies, Data Loss Prevention or prevention of data loss, deals with the effective prevention of the loss or misuse of data. Through various means, including content discovery and analysis, which helps prevent end users from accidentally or maliciously sharing sensitive, confidential or critical data that could put a business at risk. 

De facto, Data Loss Prevention allows administrators to set policies (from a predefined content selector library) or even create custom rules to analyze email output (including attachments). If something appears out of place, DLP can quarantine the emails for review, request that users modify the data, or block the emails and notify the senders.

The concept is not new, but the ability to put it to work more easily and feasibly is.

DLP in the headlines, again

Let's look at Google. While Google has been using tools for encryption, sharing of control, mobile device management, and two-factor authentication to help keep email secure, they recently announced an additional layer of protection: DLP for Gmail. I mean, if DLP is something new for Google, maybe, it's time to take a closer look at this technology. Again.

Let's go back to the year 2007, when DLP was in the main headlines in particular, with the topic of Symantec's acquisition of the promising manufacturer Vontu. At the time, the Vontu offering was thought to be the answer to the rise of other security products. Unfortunately, hopes were dashed when the product turned out to be too complex for real-world practice.

Like water and electricity, people tend toward the path of least resistance. They like simplicity, and Vontu's work-benefit relationship wasn't very attractive. The default product was insufficient (either too permissive or too restrictive) and resulted in too many false positives. Users lost track of what was real and what was not. And while it is impossible to see everything, the complexity required to create infiltrator rules to ensure that the correct information was received was more than overwhelming.

You are a superstar. Yes you are

·         Fast forward to 2016, and Data Loss Prevention coming back to life: In the report, “Market Data Loss Prevention in Numbers: 2014-2019,” 451 Research predicts that the DLP market will grow by $ 1.7 trillion by 2019 Similarly, as revealed in the "Overview Forecast: Information Security, Global Network and 3Q15 Update," Gartner expects DLP to be among the fastest growing segments for 2019, with a growth rate of annual combined 9.9 percent.

 

·         So DLP, don't they love you? Why should they? When it works, DLP delivers a number of business benefits, including support for compliance and protection of intellectual property. Today, thanks to the increased power of computing, cloud, and machine learning techniques, DLP solutions are faster to inspect content, more accurate in build and fit policies, more efficient in management of content policies. violations. They also facilitate benchmarking by being more automated of what constitutes good and bad content, effectively reducing false positives. It's all about allowing companies to not only understand where their data resides and how it is being used, but helps control where it goes and where it doesn't.

 

Your DLP on a secure delivery platform

Another great advantage of the DLP today is the option to deploy on a Security Platform (Security Delivery Platform) instead of directly connecting the network.

Inspection of DLP can be computer intensive. It is one thing to check attached metadata as if it were a spreadsheet, and another to search through each email for phrases, formulas and codes that should not be leaving the network.

A Security delivery platform can reduce applications such as video or Windows traffic maintenance that the DLP does not need to see or analyze. For the recovery of traffic from any point of the network, including remote offices and virtualized network segments. A security platform gives the organization a better chance of the DLP catching sharing of unauthorized information. Most importantly, it makes DLP extremely efficient by delivering only relevant data such as emails with attachments.

On the other hand, there is the option of having a bit of a shake in terms of automation. If another detection device, such as an IPS or NAC, detects an anomaly, the DLP can, through the APIs , instruct the Security Delivery Platform to start sending emails to the DLP for future inspection.