SlideShare a Scribd company logo

Data Leakage Prevention (DLP)

Network Intelligence India
Network Intelligence India

Data Leakage is an important concern for the business organizations in this increasingly networked world these days. Unauthorized disclosure may have serious consequences for an organization in both long term and short term. Risks include losing clients and stakeholder confidence, tarnishing of brand image, landing in unwanted lawsuits, and overall losing goodwill and market share in the industry.

Technology
1 of 9
Download to read offline
DATA LEAKAGE PREVENTION – IMPLEMENTATION AND CHALLENGES From This article focuses on common pitfalls when implementing a DLP solution to secure your organizational information assets. The article also lists out our practical insights; lessons learnt and recommended process to achieve an effective and efficient DLP implementation.
Data Leakage Prevention (DLP) Document Tracker Author Version Summary of Changes Manasdeep August 2012 Document Created Confidential  Network Intelligence (India) Pvt. Ltd. Page 2 of 9
Data Leakage Prevention (DLP) NOTICE This document contains information which is the intellectual property of Network Intelligence. This document is received in confidence and its contents cannot be disclosed or copied without the prior written consent of Network Intelligence. Nothing in this document constitutes a guaranty, warranty, or license, expressed or implied. Network Intelligence disclaims all liability for all such guaranties, warranties, and licenses, including but not limited to: Fitness for a particular purpose; merchantability; non infringement of intellectual property or other rights of any third party or of Network Intelligence; indemnity; and all others. The reader is advised that third parties can have intellectual property rights that can be relevant to this document and the technologies discussed herein, and is advised to seek the advice of competent legal counsel, without obligation of Network Intelligence. Network Intelligence retains the right to make changes to this document at any time without notice. Network Intelligence makes no warranty for the use of this document and assumes no responsibility for any errors that can appear in the document nor does it make a commitment to update the information contained herein. Copyright Copyright. Network Intelligence (India) Pvt. Ltd. All rights reserved. NII Consulting, AuditPro, Firesec, NX27K is a registered trademark of Network Intelligence India Pvt. Ltd. Trademarks Other product and corporate names may be trademarks of other companies and are used only for explanation and to the owners' benefit, without intent to infringe. NII CONTACT DETAILS Network Intelligence India Pvt. Ltd. 204 Ecospace, Old Nagardas Road, Near Andheri Subway, Andheri (E), Mumbai 400 069, India Tel: +91-22-2839-2628 +91-22-4005-2628 Fax: +91-22-2837-5454 Email: info@niiconsulting.com Confidential  Network Intelligence (India) Pvt. Ltd. Page 3 of 9
Data Leakage Prevention (DLP) Contents 1. I N T R O D U C T I O N 5 W H A T I S D LP? [ 1 ] 5 2. D A T A L O S S V S . D A T A L E A K A G E 5 a. Types of DLP systems: 5 3. G E N E R I C D A T A L E A K A G E P R E V E N T I O N 6 a. Deploy Security Mechanisms 6 b. Advanced security measures 6 4. D LP SOL UTIO NS 7 a. Mechanisms for classifying sensitive information : 7 b. Popular DLP Solution Vendors: 7 5. C A T E G O R I E S OF D LP [ 1 ] 7 a. Network DLP (aka Data in Motion) 7 b. Storage DLP (aka Data at Rest) 7 c. Endpoint DLP (aka Data in Use) 7 6. D A T A I D E N T I F I C A T I O N [ 1 ] 8 7. P R E P A R I N G F O R D LP I M P L E M E N T A T I O N [ 2 ] 8 8. D LP I M P L E M E N T A T I O N C H A L L E N G E S 8 a. Other implementation challenges: 8 9. R E F E R E N C E S 9 Confidential  Network Intelligence (India) Pvt. Ltd. Page 4 of 9
Data Leakage Prevention (DLP) 1. I NTRODUCTION Data Leakage is an important concern for the business organizations in this increasingly networked world these days. Unauthorized disclosure may have serious consequences for an organization in both long term and short term. Risks include losing clients and stakeholder confidence, tarnishing of brand image, landing in unwanted lawsuits, and overall losing goodwill and market share in the industry. To prevent from all these unwanted and unpleasant activities from happening, an organized effort is needed to control the information flow inside and outside the organization. Here is our attempt to demystify the jargon surrounding the DLP procedures which will help you to choose and apply the best suitable option for your own business. What is DLP? [1] Data Leakage Prevention is the category of solutions which help an organization to apply controls for preventing the unwanted accidental or malicious leakage of sensitive information to unauthorized entities in or outside the organization. Here sensitive information may refer to organization's internal process documents, strategic business plans, intellectual property, financial statements, security policies, network diagrams, blueprints etc. 2. D ATA L OSS VS . D ATA L EAKAGE Data Loss pertains to actual "loss" of information with no trace present in original site while data leakage pertains to the disclosure of information with originating site left unmodified. a. Types of DLP systems:  Information Leak Detection and Prevention (IDLP)  Information Leak Prevention (ILP)  Content Monitoring and Filtering (CMF)  Information Protection and Control (IPC),  Extrusion Prevention System (EPS) Confidential  Network Intelligence (India) Pvt. Ltd. Page 5 of 9
Data Leakage Prevention (DLP) 3. G ENERIC D ATA L EAKAGE P REVENTION a. Deploy Security Mechanisms To protect against inside and outside attacks we can deploy common security mechanisms, such as firewalls, intrusion detection systems (IDSs), and antivirus software. A better design is always to place these security mechanisms at appropriate places in the corporate network so that it becomes increasingly "hard" for the attacker to breach the corporate network. A "design in depth" strategy can be helpful to protect the most valuable and business critical assets of the organization. Within the organization, using thin-client architecture (with no sensitive data stored on client machine) can also reduce the data leakage to a great extent. b. Advanced security measures We can install behaviour and pattern based monitoring tools to detect and stop the malicious activities before they happen. Care has to be taken that very less false positive alerts are generated and specific log trails with timestamps are recorded all the time on the monitoring server. These security mechanisms rely on reasoning algorithm to learn and subsequently detect abnormal data access, suspicious mail exchange etc. A good practice would be to set them in conjunction with honeypots for detecting malicious intent of the individual by gathering as much information about his activities to rule out any possibility of "false positives". This with combination of log trails can effectively single out the adversary and can help in formation of a strong case in legal proceedings if needed. c. Access control and encryption Device control, access control, and encryption are the basic means by which sensitive information can be protected from malicious outsider and insider attacks. Good practices must include proper log maintenance on every access attempt, and "strong" encryption done for "business critical" data. Encryption keys must be stored in secure separate places. Confidential  Network Intelligence (India) Pvt. Ltd. Page 6 of 9
Data Leakage Prevention (DLP) 4. DLP SOLUTIONS Designated DLP solutions detect and prevent unauthorized attempts to copy or send sensitive data, intentionally or unintentionally, by authorized personnel who have access the sensitive information. a. Mechanisms for classifying sensitive information :  Exact data matching,  Data fingerprinting,  Statistical methods,  Rule and regular expression matching,  Lexicons,  Conceptual definitions, and  Keywords b. Popular DLP Solution Vendors:  Websense  McAfee  RSA  Symantec  Trend Micro  MyDLP (Open-source) 5. C ATEGORIES OF DLP [1] a. Network DLP (aka Data in Motion) A software or hardware solution that is installed at the end points near network perimeter. It analyzes network traffic to detect sensitive data that is being sent in violation of information security policies. b. Storage DLP (aka Data at Rest) This usually involves a mechanism (agent or agent-less) to prevent unauthorized access to the data stored on your hard drive and/or USB sticks. Data at Rest must be regularly checked with data retention policies of the organization and compliance procedures as it might have increased probability to be leaked out. Phased-out data must be securely disposed such that data forensic techniques can't recover back the deleted data. c. Endpoint DLP (aka Data in Use) Such systems run on end-user workstations or servers in the organization. They are used to control information flow between groups or types of users. They prevent conflict-of-interest between 2 or more group of users within the organization also. They control email and IM communications before being stored in the corporate archive. These systems have the advantage that they can provide application controls to block attempted transmissions of confidential information from physical devices with spontaneous user feedback. Disadvantage is that they need to be installed on every workstation in the network, and can't be used on mobile devices. Confidential  Network Intelligence (India) Pvt. Ltd. Page 7 of 9
Data Leakage Prevention (DLP) 6. D ATA IDENTIFICATION [1] Here, DLP techniques are used to identify sensitive data (in motion, at rest, or in use). Care has to be taken to ensure the accuracy of the DLP technology is high enough to ensure lower rates of false-positive reporting. Heavy testing must be done to ensure that data reported can be well relied upon. They are of 2 methods:  Precise: Methods which can pinpoint and report almost zero false positives  Imprecise: Comprise of keywords, lexicons, regular expressions, Meta tags, Bayesian analysis, statistical analysis etc. All have greater chances of false positive reporting. 7. P REPARING FOR DLP I MPLEMENTATION [2] So, you are all geared up and ready for DLP implementation. But before doing that you must ensure to do your homework with either your IT team with steering committee or seek professional help for doing the following:  Identify all organization’s assets. Mark their critical value and its impact to business.  Evaluate the risk of the critical and sensitive data both in qualitative and quantitative terms.  Evaluate possible data leakage avenues.  Decide how this data should be protected and how those avenues can be plugged.  Agree upon a cost effective DLP solution as per your requirement and team's analysis 8. DLP I MPLEMENTATION C HALLENGES User resistance for change is the most difficult obstacle which has to be handled with greatest care. Training workshops and seminars must be held on regular basis to infuse confidence in them for adopting DLP procedures. The effectiveness of DLP solution must be closely monitored to iron out any issues if they arise during implementation. Recommended review duration is 3-6 months. Likewise, over-optimism also needs to be checked upon as people tend to get carried away and get over dependent on the DLP technology. Policy and procedure framework must be properly documented and accordingly implemented. a. Other implementation challenges:  Under-estimation of the time and effort involved  Lack of trained resources  Perception that ownership resides with IT  Underestimation of the expense (TCO) involved  False positives  Ignoring the legal & regulatory framework Confidential  Network Intelligence (India) Pvt. Ltd. Page 8 of 9
Data Leakage Prevention (DLP) 9. R EFERENCES 1. http://en.wikipedia.org/wiki/Data_loss_prevention_software 2. http://www.niiconsulting.com/solutions/dlp.html Confidential  Network Intelligence (India) Pvt. Ltd. Page 9 of 9

Recommended

Data Loss Prevention
Data Loss PreventionData Loss Prevention
Data Loss Prevention
Reza Kopaee
 
Data Loss Prevention
Data Loss PreventionData Loss Prevention
Data Loss Prevention
dj1arry
 
Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyOverview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) Technology
Liwei Ren任力偉
 
Data Loss Prevention from Symantec
Data Loss Prevention from SymantecData Loss Prevention from Symantec
Data Loss Prevention from SymantecArrow ECS UK
 
Data loss prevention (dlp)
Data loss prevention (dlp)Data loss prevention (dlp)
Data loss prevention (dlp)
Hussein Al-Sanabani
 
Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)
Iftikhar Ali Iqbal
 
Data Leakage Prevention
Data Leakage Prevention Data Leakage Prevention
Data Leakage Prevention
Dhananjay Aloorkar
 
DLP Data leak prevention
DLP Data leak preventionDLP Data leak prevention
DLP Data leak prevention
Ariel Evans
 

Recommended

Data Loss Prevention
Data Loss PreventionData Loss Prevention
Data Loss Prevention
Reza Kopaee
 
Data Loss Prevention
Data Loss PreventionData Loss Prevention
Data Loss Prevention
dj1arry
 
Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyOverview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) Technology
Liwei Ren任力偉
 
Data Loss Prevention from Symantec
Data Loss Prevention from SymantecData Loss Prevention from Symantec
Data Loss Prevention from SymantecArrow ECS UK
 
Data loss prevention (dlp)
Data loss prevention (dlp)Data loss prevention (dlp)
Data loss prevention (dlp)
Hussein Al-Sanabani
 
Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)
Iftikhar Ali Iqbal
 
Data Leakage Prevention
Data Leakage Prevention Data Leakage Prevention
Data Leakage Prevention
Dhananjay Aloorkar
 
DLP Data leak prevention
DLP Data leak preventionDLP Data leak prevention
DLP Data leak prevention
Ariel Evans
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Seccuris Inc.
 
Information Leakage & DLP
Information Leakage & DLPInformation Leakage & DLP
Information Leakage & DLPYun Lu
 
Forcepoint Dynamic Data Protection
Forcepoint Dynamic Data ProtectionForcepoint Dynamic Data Protection
Forcepoint Dynamic Data Protection
MarketingArrowECS_CZ
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Eryk Budi Pratama
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
Er. Ajay Sirsat
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Framework
n|u - The Open Security Community
 
Data Loss Threats and Mitigations
Data Loss Threats and MitigationsData Loss Threats and Mitigations
Data Loss Threats and Mitigations
April Mardock CISSP
 
DLP Executive Overview
DLP Executive OverviewDLP Executive Overview
DLP Executive Overview
Kim Jensen
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CK
Arpan Raval
 
Metrics, Risk Management & DLP
Metrics, Risk Management & DLPMetrics, Risk Management & DLP
Metrics, Risk Management & DLP
Robert Kloots
 
Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9
Ariel Martin Beliera
 
Dlp notes
Dlp notesDlp notes
Dlp notes
anuepcet
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)
danb02
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
k33a
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentals
Cloudflare
 
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14
Symantec
 
DLP
DLPDLP
DLP
saurabh.sood
 
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityPriyanka Aash
 
Endpoint Security
Endpoint SecurityEndpoint Security
Endpoint Security
Ahmed Hashem El Fiky
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss Prevention
Digital Guardian
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
IRJET Journal
 

More Related Content

What's hot

Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Seccuris Inc.
 
Information Leakage & DLP
Information Leakage & DLPInformation Leakage & DLP
Information Leakage & DLPYun Lu
 
Forcepoint Dynamic Data Protection
Forcepoint Dynamic Data ProtectionForcepoint Dynamic Data Protection
Forcepoint Dynamic Data Protection
MarketingArrowECS_CZ
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Eryk Budi Pratama
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
Er. Ajay Sirsat
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Framework
n|u - The Open Security Community
 
Data Loss Threats and Mitigations
Data Loss Threats and MitigationsData Loss Threats and Mitigations
Data Loss Threats and Mitigations
April Mardock CISSP
 
DLP Executive Overview
DLP Executive OverviewDLP Executive Overview
DLP Executive Overview
Kim Jensen
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CK
Arpan Raval
 
Metrics, Risk Management & DLP
Metrics, Risk Management & DLPMetrics, Risk Management & DLP
Metrics, Risk Management & DLP
Robert Kloots
 
Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9
Ariel Martin Beliera
 
Dlp notes
Dlp notesDlp notes
Dlp notes
anuepcet
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)
danb02
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
k33a
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentals
Cloudflare
 
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14
Symantec
 
DLP
DLPDLP
DLP
saurabh.sood
 
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityPriyanka Aash
 
Endpoint Security
Endpoint SecurityEndpoint Security
Endpoint Security
Ahmed Hashem El Fiky
 

What's hot (20)

Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective Strategies
 
Information Leakage & DLP
Information Leakage & DLPInformation Leakage & DLP
Information Leakage & DLP
 
Forcepoint Dynamic Data Protection
Forcepoint Dynamic Data ProtectionForcepoint Dynamic Data Protection
Forcepoint Dynamic Data Protection
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Framework
 
Data Loss Threats and Mitigations
Data Loss Threats and MitigationsData Loss Threats and Mitigations
Data Loss Threats and Mitigations
 
DLP Executive Overview
DLP Executive OverviewDLP Executive Overview
DLP Executive Overview
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CK
 
Metrics, Risk Management & DLP
Metrics, Risk Management & DLPMetrics, Risk Management & DLP
Metrics, Risk Management & DLP
 
Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9
 
Dlp notes
Dlp notesDlp notes
Dlp notes
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentals
 
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14
 
DLP
DLPDLP
DLP
 
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data security
 
Endpoint Security
Endpoint SecurityEndpoint Security
Endpoint Security
 

Similar to Data Leakage Prevention (DLP)

The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss Prevention
Digital Guardian
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
IRJET Journal
 
How Organizations can Secure Their Database From External Attacks
How Organizations can Secure Their Database From External AttacksHow Organizations can Secure Their Database From External Attacks
How Organizations can Secure Their Database From External Attacks
Emmanuel Oshogwe Akpeokhai
 
DLP 101: Help identify and plug information leaks
DLP 101: Help identify and plug information leaks DLP 101: Help identify and plug information leaks
DLP 101: Help identify and plug information leaks
Abhishek Sood
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
Digital Guardian
 
Protect your sensitive data against data leaks with Safetica DLP
Protect your sensitive data against data leaks with Safetica DLPProtect your sensitive data against data leaks with Safetica DLP
Protect your sensitive data against data leaks with Safetica DLP
Adi Saputra
 
Dlp content-discovery-best-practices
Dlp content-discovery-best-practicesDlp content-discovery-best-practices
Dlp content-discovery-best-practiceslookout4raj
 
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.
Netskope
 
Cybersecurity…real world solutions
Cybersecurity…real world solutions Cybersecurity…real world solutions
Cybersecurity…real world solutions
ErnestStaats
 
trellix-dlp-buyers-guide.pdf
trellix-dlp-buyers-guide.pdftrellix-dlp-buyers-guide.pdf
trellix-dlp-buyers-guide.pdf
LaLaBlaGhvgT
 
finl.docx
finl.docxfinl.docx
finl.docx
Vishesh Aggarwal
 
Comprehensive Data Leak Prevention
Comprehensive Data Leak PreventionComprehensive Data Leak Prevention
Comprehensive Data Leak Prevention
Tanvir Hashmi
 
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to knowISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
PECB
 
Complete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesComplete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resources
IJNSA Journal
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
TrustArc
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest Relevance
Adrian Dumitrescu
 
DLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreDLP Solutions Protection | Seclore
DLP Solutions Protection | Seclore
Seclore
 
Data Lost Prevention (DLP).pdf
Data Lost Prevention (DLP).pdfData Lost Prevention (DLP).pdf
Data Lost Prevention (DLP).pdf
Agusto Sipahutar
 
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCESCOMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
IJNSA Journal
 

Similar to Data Leakage Prevention (DLP) (20)

The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss Prevention
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
 
How Organizations can Secure Their Database From External Attacks
How Organizations can Secure Their Database From External AttacksHow Organizations can Secure Their Database From External Attacks
How Organizations can Secure Their Database From External Attacks
 
DLP 101: Help identify and plug information leaks
DLP 101: Help identify and plug information leaks DLP 101: Help identify and plug information leaks
DLP 101: Help identify and plug information leaks
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
 
Protect your sensitive data against data leaks with Safetica DLP
Protect your sensitive data against data leaks with Safetica DLPProtect your sensitive data against data leaks with Safetica DLP
Protect your sensitive data against data leaks with Safetica DLP
 
Dlp content-discovery-best-practices
Dlp content-discovery-best-practicesDlp content-discovery-best-practices
Dlp content-discovery-best-practices
 
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.
 
Cybersecurity…real world solutions
Cybersecurity…real world solutions Cybersecurity…real world solutions
Cybersecurity…real world solutions
 
trellix-dlp-buyers-guide.pdf
trellix-dlp-buyers-guide.pdftrellix-dlp-buyers-guide.pdf
trellix-dlp-buyers-guide.pdf
 
finl.docx
finl.docxfinl.docx
finl.docx
 
Comprehensive Data Leak Prevention
Comprehensive Data Leak PreventionComprehensive Data Leak Prevention
Comprehensive Data Leak Prevention
 
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to knowISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
 
MEDS
MEDSMEDS
MEDS
 
Complete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesComplete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resources
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest Relevance
 
DLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreDLP Solutions Protection | Seclore
DLP Solutions Protection | Seclore
 
Data Lost Prevention (DLP).pdf
Data Lost Prevention (DLP).pdfData Lost Prevention (DLP).pdf
Data Lost Prevention (DLP).pdf
 
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCESCOMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
 

More from Network Intelligence India

Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0
Network Intelligence India
 
The Economics of Security
The Economics of SecurityThe Economics of Security
The Economics of Security
Network Intelligence India
 
Web Application Security Strategy
Web Application Security Strategy Web Application Security Strategy
Web Application Security Strategy
Network Intelligence India
 
ISO 27004- Information Security Metrics Implementation
ISO 27004- Information Security Metrics ImplementationISO 27004- Information Security Metrics Implementation
ISO 27004- Information Security Metrics Implementation
Network Intelligence India
 
National Cyber Security Policy 2013
National Cyber Security Policy 2013National Cyber Security Policy 2013
National Cyber Security Policy 2013
Network Intelligence India
 
RBI Gopalakrishna Committee Report on IT
RBI Gopalakrishna Committee Report on ITRBI Gopalakrishna Committee Report on IT
RBI Gopalakrishna Committee Report on IT
Network Intelligence India
 
PCI DSS for Penetration Testing
PCI DSS for Penetration TestingPCI DSS for Penetration Testing
PCI DSS for Penetration Testing
Network Intelligence India
 
Understanding Governance
Understanding GovernanceUnderstanding Governance
Understanding Governance
Network Intelligence India
 
Cyber Security in Civil Aviation
Cyber Security in Civil AviationCyber Security in Civil Aviation
Cyber Security in Civil Aviation
Network Intelligence India
 
Spear Phishing Methodology
Spear Phishing MethodologySpear Phishing Methodology
Spear Phishing Methodology
Network Intelligence India
 
Mobile Device Management (MDM)
Mobile Device Management (MDM)Mobile Device Management (MDM)
Mobile Device Management (MDM)
Network Intelligence India
 
IT Act 2000 Penalties, Offences with case studies
IT Act 2000 Penalties, Offences with case studies IT Act 2000 Penalties, Offences with case studies
IT Act 2000 Penalties, Offences with case studies
Network Intelligence India
 
Information Rights Management (IRM)
Information Rights Management (IRM)Information Rights Management (IRM)
Information Rights Management (IRM)
Network Intelligence India
 
Distributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing MethodologyDistributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing Methodology
Network Intelligence India
 
Advanced persistent threats(APT)
Advanced persistent threats(APT)Advanced persistent threats(APT)
Advanced persistent threats(APT)
Network Intelligence India
 
XML Interfaces to the popular Nessus Scanner
XML Interfaces to the popular Nessus ScannerXML Interfaces to the popular Nessus Scanner
XML Interfaces to the popular Nessus Scanner
Network Intelligence India
 

More from Network Intelligence India (20)

Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0
 
The Economics of Security
The Economics of SecurityThe Economics of Security
The Economics of Security
 
Web Application Security Strategy
Web Application Security Strategy Web Application Security Strategy
Web Application Security Strategy
 
ISO 27004- Information Security Metrics Implementation
ISO 27004- Information Security Metrics ImplementationISO 27004- Information Security Metrics Implementation
ISO 27004- Information Security Metrics Implementation
 
National Cyber Security Policy 2013
National Cyber Security Policy 2013National Cyber Security Policy 2013
National Cyber Security Policy 2013
 
RBI Gopalakrishna Committee Report on IT
RBI Gopalakrishna Committee Report on ITRBI Gopalakrishna Committee Report on IT
RBI Gopalakrishna Committee Report on IT
 
PCI DSS for Penetration Testing
PCI DSS for Penetration TestingPCI DSS for Penetration Testing
PCI DSS for Penetration Testing
 
Understanding Governance
Understanding GovernanceUnderstanding Governance
Understanding Governance
 
Cyber Security in Civil Aviation
Cyber Security in Civil AviationCyber Security in Civil Aviation
Cyber Security in Civil Aviation
 
Spear Phishing Methodology
Spear Phishing MethodologySpear Phishing Methodology
Spear Phishing Methodology
 
Mobile Device Management (MDM)
Mobile Device Management (MDM)Mobile Device Management (MDM)
Mobile Device Management (MDM)
 
IT Act 2000 Penalties, Offences with case studies
IT Act 2000 Penalties, Offences with case studies IT Act 2000 Penalties, Offences with case studies
IT Act 2000 Penalties, Offences with case studies
 
Information Rights Management (IRM)
Information Rights Management (IRM)Information Rights Management (IRM)
Information Rights Management (IRM)
 
Distributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing MethodologyDistributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing Methodology
 
Advanced persistent threats(APT)
Advanced persistent threats(APT)Advanced persistent threats(APT)
Advanced persistent threats(APT)
 
XML Interfaces to the popular Nessus Scanner
XML Interfaces to the popular Nessus ScannerXML Interfaces to the popular Nessus Scanner
XML Interfaces to the popular Nessus Scanner
 
Cyber fraud in banks
Cyber fraud in banksCyber fraud in banks
Cyber fraud in banks
 
Advanced persistent threats
Advanced persistent threatsAdvanced persistent threats
Advanced persistent threats
 
Who will guard the guards
Who will guard the guardsWho will guard the guards
Who will guard the guards
 
Application security enterprise strategies
Application security enterprise strategiesApplication security enterprise strategies
Application security enterprise strategies
 

Recently uploaded

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 

Recently uploaded (20)

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 

Data Leakage Prevention (DLP)

  • 1. DATA LEAKAGE PREVENTION – IMPLEMENTATION AND CHALLENGES From This article focuses on common pitfalls when implementing a DLP solution to secure your organizational information assets. The article also lists out our practical insights; lessons learnt and recommended process to achieve an effective and efficient DLP implementation.
  • 2. Data Leakage Prevention (DLP) Document Tracker Author Version Summary of Changes Manasdeep August 2012 Document Created Confidential  Network Intelligence (India) Pvt. Ltd. Page 2 of 9
  • 3. Data Leakage Prevention (DLP) NOTICE This document contains information which is the intellectual property of Network Intelligence. This document is received in confidence and its contents cannot be disclosed or copied without the prior written consent of Network Intelligence. Nothing in this document constitutes a guaranty, warranty, or license, expressed or implied. Network Intelligence disclaims all liability for all such guaranties, warranties, and licenses, including but not limited to: Fitness for a particular purpose; merchantability; non infringement of intellectual property or other rights of any third party or of Network Intelligence; indemnity; and all others. The reader is advised that third parties can have intellectual property rights that can be relevant to this document and the technologies discussed herein, and is advised to seek the advice of competent legal counsel, without obligation of Network Intelligence. Network Intelligence retains the right to make changes to this document at any time without notice. Network Intelligence makes no warranty for the use of this document and assumes no responsibility for any errors that can appear in the document nor does it make a commitment to update the information contained herein. Copyright Copyright. Network Intelligence (India) Pvt. Ltd. All rights reserved. NII Consulting, AuditPro, Firesec, NX27K is a registered trademark of Network Intelligence India Pvt. Ltd. Trademarks Other product and corporate names may be trademarks of other companies and are used only for explanation and to the owners' benefit, without intent to infringe. NII CONTACT DETAILS Network Intelligence India Pvt. Ltd. 204 Ecospace, Old Nagardas Road, Near Andheri Subway, Andheri (E), Mumbai 400 069, India Tel: +91-22-2839-2628 +91-22-4005-2628 Fax: +91-22-2837-5454 Email: info@niiconsulting.com Confidential  Network Intelligence (India) Pvt. Ltd. Page 3 of 9
  • 4. Data Leakage Prevention (DLP) Contents 1. I N T R O D U C T I O N 5 W H A T I S D LP? [ 1 ] 5 2. D A T A L O S S V S . D A T A L E A K A G E 5 a. Types of DLP systems: 5 3. G E N E R I C D A T A L E A K A G E P R E V E N T I O N 6 a. Deploy Security Mechanisms 6 b. Advanced security measures 6 4. D LP SOL UTIO NS 7 a. Mechanisms for classifying sensitive information : 7 b. Popular DLP Solution Vendors: 7 5. C A T E G O R I E S OF D LP [ 1 ] 7 a. Network DLP (aka Data in Motion) 7 b. Storage DLP (aka Data at Rest) 7 c. Endpoint DLP (aka Data in Use) 7 6. D A T A I D E N T I F I C A T I O N [ 1 ] 8 7. P R E P A R I N G F O R D LP I M P L E M E N T A T I O N [ 2 ] 8 8. D LP I M P L E M E N T A T I O N C H A L L E N G E S 8 a. Other implementation challenges: 8 9. R E F E R E N C E S 9 Confidential  Network Intelligence (India) Pvt. Ltd. Page 4 of 9
  • 5. Data Leakage Prevention (DLP) 1. I NTRODUCTION Data Leakage is an important concern for the business organizations in this increasingly networked world these days. Unauthorized disclosure may have serious consequences for an organization in both long term and short term. Risks include losing clients and stakeholder confidence, tarnishing of brand image, landing in unwanted lawsuits, and overall losing goodwill and market share in the industry. To prevent from all these unwanted and unpleasant activities from happening, an organized effort is needed to control the information flow inside and outside the organization. Here is our attempt to demystify the jargon surrounding the DLP procedures which will help you to choose and apply the best suitable option for your own business. What is DLP? [1] Data Leakage Prevention is the category of solutions which help an organization to apply controls for preventing the unwanted accidental or malicious leakage of sensitive information to unauthorized entities in or outside the organization. Here sensitive information may refer to organization's internal process documents, strategic business plans, intellectual property, financial statements, security policies, network diagrams, blueprints etc. 2. D ATA L OSS VS . D ATA L EAKAGE Data Loss pertains to actual "loss" of information with no trace present in original site while data leakage pertains to the disclosure of information with originating site left unmodified. a. Types of DLP systems:  Information Leak Detection and Prevention (IDLP)  Information Leak Prevention (ILP)  Content Monitoring and Filtering (CMF)  Information Protection and Control (IPC),  Extrusion Prevention System (EPS) Confidential  Network Intelligence (India) Pvt. Ltd. Page 5 of 9
  • 6. Data Leakage Prevention (DLP) 3. G ENERIC D ATA L EAKAGE P REVENTION a. Deploy Security Mechanisms To protect against inside and outside attacks we can deploy common security mechanisms, such as firewalls, intrusion detection systems (IDSs), and antivirus software. A better design is always to place these security mechanisms at appropriate places in the corporate network so that it becomes increasingly "hard" for the attacker to breach the corporate network. A "design in depth" strategy can be helpful to protect the most valuable and business critical assets of the organization. Within the organization, using thin-client architecture (with no sensitive data stored on client machine) can also reduce the data leakage to a great extent. b. Advanced security measures We can install behaviour and pattern based monitoring tools to detect and stop the malicious activities before they happen. Care has to be taken that very less false positive alerts are generated and specific log trails with timestamps are recorded all the time on the monitoring server. These security mechanisms rely on reasoning algorithm to learn and subsequently detect abnormal data access, suspicious mail exchange etc. A good practice would be to set them in conjunction with honeypots for detecting malicious intent of the individual by gathering as much information about his activities to rule out any possibility of "false positives". This with combination of log trails can effectively single out the adversary and can help in formation of a strong case in legal proceedings if needed. c. Access control and encryption Device control, access control, and encryption are the basic means by which sensitive information can be protected from malicious outsider and insider attacks. Good practices must include proper log maintenance on every access attempt, and "strong" encryption done for "business critical" data. Encryption keys must be stored in secure separate places. Confidential  Network Intelligence (India) Pvt. Ltd. Page 6 of 9
  • 7. Data Leakage Prevention (DLP) 4. DLP SOLUTIONS Designated DLP solutions detect and prevent unauthorized attempts to copy or send sensitive data, intentionally or unintentionally, by authorized personnel who have access the sensitive information. a. Mechanisms for classifying sensitive information :  Exact data matching,  Data fingerprinting,  Statistical methods,  Rule and regular expression matching,  Lexicons,  Conceptual definitions, and  Keywords b. Popular DLP Solution Vendors:  Websense  McAfee  RSA  Symantec  Trend Micro  MyDLP (Open-source) 5. C ATEGORIES OF DLP [1] a. Network DLP (aka Data in Motion) A software or hardware solution that is installed at the end points near network perimeter. It analyzes network traffic to detect sensitive data that is being sent in violation of information security policies. b. Storage DLP (aka Data at Rest) This usually involves a mechanism (agent or agent-less) to prevent unauthorized access to the data stored on your hard drive and/or USB sticks. Data at Rest must be regularly checked with data retention policies of the organization and compliance procedures as it might have increased probability to be leaked out. Phased-out data must be securely disposed such that data forensic techniques can't recover back the deleted data. c. Endpoint DLP (aka Data in Use) Such systems run on end-user workstations or servers in the organization. They are used to control information flow between groups or types of users. They prevent conflict-of-interest between 2 or more group of users within the organization also. They control email and IM communications before being stored in the corporate archive. These systems have the advantage that they can provide application controls to block attempted transmissions of confidential information from physical devices with spontaneous user feedback. Disadvantage is that they need to be installed on every workstation in the network, and can't be used on mobile devices. Confidential  Network Intelligence (India) Pvt. Ltd. Page 7 of 9
  • 8. Data Leakage Prevention (DLP) 6. D ATA IDENTIFICATION [1] Here, DLP techniques are used to identify sensitive data (in motion, at rest, or in use). Care has to be taken to ensure the accuracy of the DLP technology is high enough to ensure lower rates of false-positive reporting. Heavy testing must be done to ensure that data reported can be well relied upon. They are of 2 methods:  Precise: Methods which can pinpoint and report almost zero false positives  Imprecise: Comprise of keywords, lexicons, regular expressions, Meta tags, Bayesian analysis, statistical analysis etc. All have greater chances of false positive reporting. 7. P REPARING FOR DLP I MPLEMENTATION [2] So, you are all geared up and ready for DLP implementation. But before doing that you must ensure to do your homework with either your IT team with steering committee or seek professional help for doing the following:  Identify all organization’s assets. Mark their critical value and its impact to business.  Evaluate the risk of the critical and sensitive data both in qualitative and quantitative terms.  Evaluate possible data leakage avenues.  Decide how this data should be protected and how those avenues can be plugged.  Agree upon a cost effective DLP solution as per your requirement and team's analysis 8. DLP I MPLEMENTATION C HALLENGES User resistance for change is the most difficult obstacle which has to be handled with greatest care. Training workshops and seminars must be held on regular basis to infuse confidence in them for adopting DLP procedures. The effectiveness of DLP solution must be closely monitored to iron out any issues if they arise during implementation. Recommended review duration is 3-6 months. Likewise, over-optimism also needs to be checked upon as people tend to get carried away and get over dependent on the DLP technology. Policy and procedure framework must be properly documented and accordingly implemented. a. Other implementation challenges:  Under-estimation of the time and effort involved  Lack of trained resources  Perception that ownership resides with IT  Underestimation of the expense (TCO) involved  False positives  Ignoring the legal & regulatory framework Confidential  Network Intelligence (India) Pvt. Ltd. Page 8 of 9
  • 9. Data Leakage Prevention (DLP) 9. R EFERENCES 1. http://en.wikipedia.org/wiki/Data_loss_prevention_software 2. http://www.niiconsulting.com/solutions/dlp.html Confidential  Network Intelligence (India) Pvt. Ltd. Page 9 of 9