What is Data Loss Prevention (DLP)? :- Data Loss Prevention (DLP) is the name for a class of products, or a suite of tools, designed to help protect information. Depending on how it is deployed, a DLP system can detect unauthorized data flows, or stop unauthorized flows of sensitive information outright. In other words, a data loss/leak prevention solution is a system designed to detect potential data breaches or data exfiltration transmissions and prevent them by monitoring, detecting and blocking sensitive information while it is in use (endpoint actions), in motion (network traffic) and at rest (data storage).
How does DLP work? :- It varies with the DLP technology used, but in general terms a method of identifying information is applied at a transport or storage point; when information is detected in such a situation, a policy enforcement capability is invoked, which in turn carries out the DLP action. DLP mostly depends on a mixture of regular-expression-based string matching, file watermarks/signatures, metadata matching, transport type, conceptual analysis, fingerprinting and storage-point/type-based logic to spot the data that should be protected and to determine what enforcement the configured policy requires. DLP solutions typically combine content awareness with contextual analysis to determine when a potential incident has occurred.
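As an added illustration of the detection methods listed above (constructed example code, not from the original article or any DLP product), the following Python sketch combines regular-expression matching with a Luhn checksum, keyword matching as a stand-in for "conceptual" analysis, and hash-based document fingerprinting, then applies a configured policy that decides whether to allow, alert on or block a message. The rule set, the policy, the protected document and the sample messages are all constructed for the example.

```python
import hashlib
import re
from dataclasses import dataclass

# Constructed example rules; a real product ships far larger rule sets.
PATTERNS = {
    # 13-16 digits, optionally separated by spaces or dashes
    "credit_card": re.compile(r"\b(?:\d[ -]?){13,16}\b"),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}
KEYWORDS = ("confidential", "internal only")

# Constructed policy: which detectors block outright and which only raise an alert.
POLICY = {"block": {"credit_card", "us_ssn", "fingerprint"}, "alert": {"keyword"}}


@dataclass
class Finding:
    detector: str
    evidence: str


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: filters out order numbers and timestamps that merely look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def normalize(text: str) -> str:
    """Lower-case, drop punctuation and collapse whitespace so trivial edits do not defeat matching."""
    return " ".join(re.sub(r"[^\w\s]", " ", text.lower()).split())


def fingerprint(text: str, window: int = 8) -> set:
    """Hash every overlapping run of `window` words; a partial copy of a protected
    document still shares many of these hashes with the original."""
    words = normalize(text).split()
    if len(words) < window:
        return {hashlib.sha256(" ".join(words).encode()).hexdigest()}
    return {
        hashlib.sha256(" ".join(words[i : i + window]).encode()).hexdigest()
        for i in range(len(words) - window + 1)
    }


def inspect(content: str, protected_fp: set) -> list:
    """Content-aware inspection: returns one Finding per detector that fires."""
    findings = []
    for m in PATTERNS["credit_card"].finditer(content):
        digits = re.sub(r"\D", "", m.group())
        if 13 <= len(digits) <= 16 and luhn_valid(digits):
            findings.append(Finding("credit_card", "*" * (len(digits) - 4) + digits[-4:]))
    for m in PATTERNS["us_ssn"].finditer(content):
        findings.append(Finding("us_ssn", "***-**-" + m.group()[-4:]))
    text = normalize(content)
    for kw in KEYWORDS:
        if kw in text:
            findings.append(Finding("keyword", kw))
    overlap = fingerprint(content) & protected_fp
    if overlap:
        findings.append(Finding("fingerprint", f"{len(overlap)} chunks of a protected document"))
    return findings


def enforce(findings: list, policy: dict = POLICY) -> str:
    """Map findings to the configured action: block beats alert beats allow."""
    fired = {f.detector for f in findings}
    if fired & policy["block"]:
        return "block"
    if fired & policy["alert"]:
        return "alert"
    return "allow"


# Constructed protected document whose fingerprint is loaded into the engine.
PROTECTED_DOC = ("Project Falcon roadmap: the acquisition of Example Corp closes in the "
                 "third quarter and must not be disclosed before the press release.")
PROTECTED_FP = fingerprint(PROTECTED_DOC)

# Constructed outbound messages, as they might be captured at a network egress point.
SAMPLES = {
    "invoice": "Invoice 1234 5678 9012 3456 paid, thanks",  # looks like a card, fails Luhn
    "card": "Card 4111 1111 1111 1111 exp 12/27",           # Luhn-valid test number
    "ssn": "Applicant SSN 123-45-6789 attached",
    "leak": "fyi: the acquisition of Example Corp closes in the third quarter, call me",
    "memo": "This memo is CONFIDENTIAL, internal only",
}


def run_demo() -> dict:
    """Inspect each sample and return {name: decision}."""
    return {name: enforce(inspect(text, PROTECTED_FP)) for name, text in SAMPLES.items()}


if __name__ == "__main__":
    for name, text in SAMPLES.items():
        findings = inspect(text, PROTECTED_FP)
        print(f"{name:8} {enforce(findings):5} {[(f.detector, f.evidence) for f in findings]}")
```

The Luhn check is what keeps the "invoice" sample from becoming a false positive, and the word-window fingerprint is why the "leak" sample is caught even though it quotes only part of the protected document. The evidence strings are masked before they leave the engine so that the DLP log does not itself become a store of sensitive data. The sketch deliberately omits the contextual side (sender, destination, transport type) that a production policy would weigh alongside the content findings.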
Types of Data Loss Prevention (DLP) Systems :- The following are the types of Data Loss Prevention (DLP) systems:
Network Data Loss Prevention (data in motion) :- Typically a software or hardware solution installed at network egress points close to the perimeter. It analyzes network traffic to identify sensitive information that is being sent in violation of information security policies.
Endpoint Data Loss Prevention (data in use) :- Such systems run on end-user workstations or servers within the organization. Like network-based systems, endpoint-based technology can address internal as well as external communications, and can therefore be used to manage data flow between groups or types of users. They can also manage email and instant-messaging communications before they are stored in the company archive, so that a blocked communication (i.e., one that was never sent and is therefore not subject to retention rules) will not be identified in a subsequent legal discovery situation. Endpoint systems have the advantage that they can monitor and manage access to physical devices (such as mobile devices with storage capabilities) and in some cases can access data before it has been encrypted. Some endpoint-based systems can even offer application controls to block attempted transmissions of secret or confidential data and provide immediate feedback to the user. They have the disadvantage that they need to be installed on every workstation within the network and cannot be used on mobile devices (e.g., cell phones and PDAs) or anywhere else they cannot practically be installed.
Data at Rest :- "Data at rest" refers specifically to archived data that is kept on a client hard drive, a network storage drive or a remote server/file server, or even data stored in a backup system such as tape or CD media. This data is of great concern to businesses and government institutions simply because the longer data is left unused in storage, the more likely it is to be retrieved by unauthorized people outside the network.