The need for data protection has seen a surge in the recent past and organizations are finding themselves subject to an increasing number of data protection requirements that obligate them to protect employee, consumer and customer personal data against threats and hazards from within and outside of their organizations. In addition to protecting regulated data, many organizations are looking to protect intellectual property and other sensitive data within the organization that may pose a greater threat to the enterprise.
Owing to this need, many information security solution providers have introduced Data Loss Prevention technology solutions that allow organizations to address protection of data across the three main stages of the data lifecycle namely – Storage, Use and Transit. These solutions enable enforcement of data protection policies as well as provide data discovery, data encryption, event monitoring and quarantine of sensitive data.
The unfortunate result of growing number of data security breaches and availability of multiple solutions in the market is that the organizations are ending up selecting a wrong technology or the one that doesn’t suit to their current business requirement. Although some make smart move and are able to choose the right one, but the realization level goes higher when even after selecting the right solution the challenge of right implementation and optimal utilization becomes a big challenge.
And that’s where it’s utmost important to take an informed decision before implementing the DLP as to whether this is embraced as mere Technological Tool or a ‘System’. Because system will involve not only the technology but also the people, processes and the business needs. In most of the organizations where DLP was implemented as a technology without any business alignment, fell flat without deriving any benefit out of it and was considered a futile investment. However, considering the very fact that data protection today is the need of the hour, organizations should consider the following:
- Coverage – The available solution in the market are majorly developed with keeping in mind the comprehensive coverage to achieve the highest effectiveness of the tool. The coverage addresses the complete spectrum of data leakage points mainly, data transiting through network gateways, stored on servers and workstations, and data in use. Companies must look into the level of coverage business requires. Anything more or less to the current requirement would lead to non optimal utilization.
- How to Detect? – The most critical part of DLP solution is to understand the use of the right detection methodology. Various methodologies available these days detect the sensitive data either through keywords or specific patterns. The introduction of fingerprinting has made the detection even the better where part or complete document could be one-way hashed and stored in the DLP tool. The right detection method would result in increased effectiveness of tool and better protection.
- Prevention or Block – The decision to put DLP in prevention or block mode or a combination of both, is crucial in terms of ensuring that the business doesn’t get affected due to inappropriate use of the technology. This dilemma is very natural and is supposed to be eliminated before making the DLP system operational. There have been instances where any wrong step in this area led to non acceptance of the technology by the business.
- Centralized Incident Management - Everything is available but what next – This question will arise when DLP is implemented and working as per the requirement. But ideally the objective is still not met if the incidents or alerts triggering in DLP tool due to breach, are not addressed as per organizational norms. Unlike IT incident management, the DLP demands a detailed and proper analysis of data that has move out of the organization and this could only be performed by the team that either is part of the organization or by an external team that understands the business.
- Employee Awareness - The DLP system completes with aligning people and the organizational processes handled by them, with it. The awareness is not limited to sensitizing people about the after effects or the actions that might be initiated against them if they are either violator or party to data breach. It is more like involving them that could help the system being utilized effectively. The input from the users will help formulating the rules and detection method which would in turn strengthen the overall system.
Market trend indicates that the requirement of DLP is expected to grow drastically in the coming years. This prediction is majorly based on the growing incidents of data breaches across the world and the losses organizations are facing whether on financial or brand reputation front. It’s pertinent to act as fast as possible the moment need for data protection is learnt in the organization. DLP brings change in the organizational culture and this change must be embraced sooner or later.