Why data loss prevention should be top priority
DLP solutions build extra layers of protection against data theft using deep content analysis and identification techniques.
Companies face increasing data security risks as the number of breaches continues to escalate. 2017 was reportedly the worst year on record for data breaches, which skyrocketed by more than 300% compared to 2016 (itself a record-setting year for the number of confidential files and records stolen).
There is no reason to doubt the globe's growing band of increasingly expert cyber criminals will continue their rampage in 2018, increasing the amount and scope of risks companies will have to face - and overcome - in order to secure their data.
It is clear the simple deployment of a firewall and other applications at the corporate network perimeter are no longer effective deterrents for cyber criminals, who are now cunning enough to be able to exploit a vulnerable business network for some time before any alarm is raised.
In this light, the implementation of a data loss prevention (DLP) strategy is crucial in today's business environment. DLP is defined as the deployment of one or more network security solution geared to monitor and protect corporate data through any number of centrally instituted policies.
These solutions will build additional layers of protection against data theft through the use of a range of methods, the most important of which rely on deep content analysis and identification techniques.
The need to implement DLP strategies is also being driven by increased insider threats. For example, DLP is being employed to ensure staff members do not send sensitive or critical information outside the corporate network.
DLP software products use business rules and policies to classify and protect confidential and critical information so unauthorised users cannot accidentally or maliciously share data.
DLP implementations are also driven by more rigorous international privacy laws that require companies to protect customer or client data and intellectual property.
A prime example is SA's Protection of Personal Information (POPI) Act, the purpose of which is to ensure all local business institutions conduct themselves in a responsible manner when collecting, processing, storing and sharing another person's or organisation's information. In terms of POPI legislation, host organisations will be held accountable should they abuse or compromise the data in their custody in any way.
The POPI legislation considers personal information to be "precious goods" and therefore aims to bestow certain rights of protection on the owner of these "goods".
Against the backdrop of the ever-increasing need to keep proprietary information secure, DLP should also be seen as central to a strategy to ensure that, in the event of a disaster, lost data is able to be expeditiously recovered and restored.
It is obvious that any data breach has the potential to cost a company many millions of rands in damages and fines. In addition, no matter how a company handles a data loss incident, it will be heavily scrutinised. Inevitably, customers will lose confidence in the companies with poor data handling and security records, and this will translate into business losses.
No matter how a company handles a data loss incident, it will be heavily scrutinised.
How to take the first steps towards the establishment of an all-encompassing DLP solution is one of the fundamental questions being asked by network managers and administrators today.
Data security specialists will confirm that a successful DLP implementation begins with identifying and classifying sensitive data, monitoring transactions and limiting movement of data through the enforcement of security policies.
It continues with the establishment of appropriate data handling methods to facilitate the integration of all security technologies in operation within the company, and its existing security infrastructures.
In order to overcome any roadblocks and hurdles a DLP implementation might encounter, it is vital to plan every stage carefully. For example, the deployment of detection and test agents geared to track, collect and report on data movement throughout the corporate network is necessary in order to set criteria for the design of workflows, as well as devise incident handling processes and interventions.
In determining the most appropriate DLP solution for a company, it is important to note that data can leave the corporate network through any number of exit points. To minimise the risk of data loss, companies should look for a DLP solution that monitors and blocks content distribution. DLP tools should be specified that filter data streams on the corporate network and protect data in motion.
Whatever DLS solution is selected, it should be one that is easy to deploy and manage. A high-quality DLP implementation will ensure the protection of sensitive data using network and endpoint components that have been closely integrated.
In addition, a single user interface that can set policies, automate workflow processes, manage incidents and perform a range of administrative tasks will save a company a considerable amount of time as well as money.
Paul Stuttard is a director of specialist distributor Duxbury Networking. Currently Cape-based, he has been with the company for 29 years and has extensive experience in the IT industry, particularly within the value-added distribution arena. His focus is on the formulation of future-oriented network optimisation strategies and business development objectives in collaboration with resellers and end-users in Southern Africa.