Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.
Data Loss Prevention solutions help companies avoid data loss incidents through a continuous data monitoring process across endpoints, networks and clouds.
Using IESVE for Room Loads Analysis - UK & Ireland
Data Lost Prevention (DLP).pdf
1. Lock Down Your Data, Not Your Business
with
Data Lost Prevention (DLP)
Speaker : Agusto Sipahutar
Agustox21@yahoo.com
2. 2
What Is DLP
Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive
data is not lost, misused, or accessed by unauthorized users.
Data Loss Prevention solutions help companies avoid data loss incidents through a continuous data
monitoring process across endpoints, networks and clouds.
3. 3
3 Main Uses Cases for DLP
Data loss prevention solves three main objectives that are common pain points for many organizations are :
1. Personal Information Protection / Compliance: Does your organization collect and store Personally Identifiable
Information (PII), Protected Health Information (PHI), or payment card information (PCI)? If so, you are more than likely
subject to compliance regulations, such as HIPAA (for PHI) and GDPR (for personal data of EU residents), that require you
to protect your customers’ sensitive data. DLP can identify, classify, and tag sensitive data and monitor activities and
events surrounding that data. In addition, reporting capabilities provide the details needed for compliance audits.
2. IP Protection: Does your organization have important intellectual property and trade or state secrets that could put your
organization’s financial health and brand image at risk if lost or stolen? DLP solutions like Digital Guardian that use context-
based classification can classify intellectual property in both structured and unstructured forms. With policies and controls
in place, you can protect against unwanted exfiltration of this data.
3. Data Visibility: Is your organization seeking to gain additional visibility into data movement? A comprehensive enterprise
DLP solution can help you see and track your data on endpoints, networks, and the cloud. This will provide you with
visibility into how individual users within your organization interact with data.
While these are the three main use cases, DLP can remediate a variety of other pain points including insider threats, Office
365 data security, user and entity behavior analysis, and advanced threats.
4. Why Do Companies Need a Data Loss Prevention Solution?
1. Cyber Threats are Increasing
2. Data Leaks Can Come from Internal Parties
3. BYOD (Bring You Own Device) Policy Risk
4. Safer Data Management
5. Increase the Role of CISO
6. Helping the Work of the Company's IT Team
6. Scenario A - Implement A DLP At Rest Solution
A fictional company named Medical Health Records processes medical insurance claims for a regulated
Health Care organization.
They are aware that HIPAA and Medical claim data reside on file servers, but they are not sure where the data
is located.
Solution: Implement A DLP At Rest Solution using GCP - Sensitive Data Protection
Here the best choice would be to implement a DLP at Rest solution. The strategy would include a discovery
scan of unstructured data, which will crawl the selected storage and locate data matching the pattern of
HIPAA and Medical keywords, as set forth in the scan policy.
When a pattern match occurs, a notification alert will be recorded in the DLP database and viewable on the
management console by the DLP Analyst.
7. Scenario B - Implement DLP For Endpoints
The Sales team is complaining that they cannot store their PowerPoint presentations on
USB thumb drives. There isn’t any sensitive data saved, only presentation.
Solution: Implement DLP For Endpoints using McAcfee / Acronis Endpoint Protection
DLP for the Endpoint in most cases allows the ability to whitelist users via a policy based
on Active Directory membership.
8. Scenario C - Implement DLP Policy
The CEO would like to know when the secret formula document has moved from its
original location or emailed within network.
Solution: Create A DLP Policy using GCP, Mcafee or Acronis then define all rule base on
policy ex. Policy for HRD, Finance Team, etc
Create a policy that detects the exact match of the document or monitor for specific
keywords as it resides in storage or email.
9. Why US
We will provided Licenses and Implementation
For after sales provided Managed Service (If Needed)
Have team that specializes in products
After implementation, knowledge transfer and documentation will be provided