As the global economic crisis continues, companies experience rising pressure from industry regulators to implement measures to prevent leakage of sensitive information.
Guy Golan, MD of NGS, a subsidiary of JSE-listed SecureData Holdings, says data loss prevention (DLP) is becoming part of many organisations' core budget. He will reveal 10 rules to successful DLP implementation at this week's ITWeb Security Summit, being held at VodaWorld in Midrand.
Golan will discuss the importance of accuracy, of the business buying into the DLP process, of moving from monitoring to enforcement, and of endpoint versus gateway.
DLP is vital
Golan says the business side of an organisation needs to play a defining role in DLP. “DLP is becoming the ultimate type of threat. Companies think they know DLP, but they don't.
“In the past, when the economy was good, we saw more accidental breaches. But now we are noticing a massive correlation of DLP and the economic crisis with more intentional incidents than accidental. According to Gartner, 85% of all breaches happen from the inside of an organisation rather than from the outside environment. Companies are putting up so many walls to protect themselves from external breaches; meanwhile the inside is being neglected.”
Understanding DLP
Golan points out that some of the major challenges facing an organisation are lack of true understanding of DLP, as well as the complexity of the IT infrastructure. He notes: “At the end of the day, everything is interlinked and DLP needs to be simplified.
“There are three layers that companies need to tackle, namely the information a business wants to protect; channels such as e-mail, mobile devices and Skype; and the people who are authorised to access that information.”
Golan adds that DLP is crucial considering that security breaches are on the increase. “The key elements an organisation needs to look at is making sure how the business side sees DLP and to make decisions based on effective DLP implementation.”
Related stories:
Securing the cloud
Cracking the security culture
Moving into an information world
Hackers target security vulnerabilities
Share