Top learnings from evaluating and implementing a DLP Solution
Escorts IT – DLP Project Review
Escorts – Brief Background
More than 65 years old premier engineering company of
Escorts has four major divisions & Corporate Office
• Escorts Agri Machinery .
• Escorts Construction Equipment.
• Escorts Railway Product.
• Escorts Automotive Product.
• Tractors , Implements, Gensets,
• Crains, Compactors, Backhoe loaders,
• Shockers, Brakes, Auto Components ,
• Components for Railways like couplers, shockersss
Combined turnover of around Rs.5000 crores.
Data Loss Prevention
Three Key Organization Challenges
Where is my confidential data stored?
• Data at Rest
Where is my confidential data going?
• Data in Motion
How do I fix my data loss problems?
• Data Policy Enforcement
DLP- Key Expectations
To address the challenges of securing data in use, data in
motion and data at rest.
To protect proprietary and sensitive information against
security threats caused by enhanced employee mobility and
new communication channels.
To proactively prevent the misuse of data at endpoints
(Laptops/Desktops) for unauthorized circulation, both on and
off the Escorts network.
E-Mail access control from devices (without DLP Endpoint)
outside of the Escorts Network.
Protect data at Email gateway in the cloud.
Data Loss Prevention - a Priority
Secured working environment
IPR & Critical information protection
Brand and Reputation Protection
Involved industry leading DLP vendors
15 days of POC at our site for each solution
Evaluation of DLP against defined requirements
Integration feasibility with IRM
Successful Case studies
Strong Product Roadmap
Propose to cover the entire user base across all
divisions of Escorts including
All end points desktops & laptops
Email solution on the cloud
Integration with Active Directory
Key Implementation Highlights
Presented the project objectives to GMC (Group
CEO’s, CFO’s, Material Heads, R&D heads of all divisions
and chaired by Managing Director.
Phased the implementation track wise , across
divisions, covering the most critical departments like R&D
and Materials first.
Created core user groups, across divisions, for each
vertical such that all interrelated core users were part of
one track. Eg Procurement and R&D core users were part
of one track.
Established a project governance structure to monitor the
Key Implementation Highlights
Extensive trainings to core users to equip them to
rightly classify the data getting generated in their
Training to end users on the project objectives, data
classification and its impact on their working.
Managing the fears, assumptions of users.
Involved the internal auditors in the project from the
Data Classification is the heart of the DLP project.
What is Data Classification ?
• It is a scheme by which the organization assigns a level of
sensitivity and an owner to each piece of information that it
Confidential, Internal, Public
Not all information requires same protection
Classification helps in establishing the value of information
Also helps in determining the level of protection required and
in selection of appropriate controls
• Individual that has responsibility for making classification
and access control decisions for information
• Individual, organizational unit, or entity acting as caretaker
of information on behalf of its owner
Information Security Officer (ISO):
• A designated officer responsible for information security
Never try to implement DLP as a IT project. It will fail
miserably. Let Business spearhead the project and do most of
Availability of dedicated core team.
Involve all stakeholders from end users to senior leadership
at every stage of the project.
Handle change management issues of people and processes
very intelligently involving stakeholders and dispel all wrong
notions and fears of business community.
Set the right expectations among business teams.