In our last blog article, entitled What is Data Loss Prevention (DLP), we discussed the definition of DLP and why it’s important to understand. Your data is your company’s most valuable asset – and ensuring that the data is protected against “internal” threats is just as important as securing it against outside threats.
For most companies, data loss is largely attributed to employees. According to a recent Gartner report:
- 1 in every 400 messages contains confidential data
- 1 in every 50 network files is wrongly exposed
- 4 out of 5 companies have lost data on laptops
- Half of all companies have lost data on USB drives
- More than 52% of CIO’s (Chief Information Officers) believe data leakage is a top priority in their security spending.
It’s important to not wait until a breach occurs to implement a data leakage solutions. Without a comprehensive security structure to your network, you may not even know if a security breach occurs.
Here are a few tips of things to look for in a Data Loss Prevention solution:
Where does the product look for data across your network? Does it find sensitive data just traveling your network, on your database and file servers, or does it look at data on local desktops?
Can the product search for data without any endpoint agents installed, or can it be as thorough as it can with these agents installed?
Can the Data Loss Prevention agents accomplish other security-related things on the endpoints? Some vendors can turn off USB connectors to block someone with a thumb drive from walking away with all of your customer data in their pocket. Others can control which applications can and can't be run on your workstations, laptops or even tablets.
What protocols can be blocked or analyzed? Just protocols involving e-mail (SMTP, POP and IMAP)? What about file transfer technologies or instant messaging?
How hard is it to create – and then change – the Data Loss Prevention rules? A DLP tool is only as good as its ability to have rules updated easily over time. Can your IT staff (or outsourced provider) easily update rules as new threats are identified or company policies updated?
What happens when a rule is broken? Can you figure out who violated the policy, where the offending information is stored, and what kinds of automated responses can be sent? Does the product come with pre-defined templates to make all of this easier?
Is the content analysis portion a separate or integrated piece of the product? In some cases, such as McAfee's Data Loss Prevention solution, you are going to need several different products to be installed to enable a complete solution.
What kinds of reports are available, and are they easy to understand? Does the product offer any real-time reporting capabilities, and how flexible are these reports?
Click here to read parts 1, 3 and 4 of this series:
- How DLP Technologies Work
- Steps for a Successful Data Loss Prevention Plan Implementation
- What is Data Loss Prevention?