Data Loss Prevention

Overview

Keeping your sensitive data out of the public domain.

Data loss prevention (DLP) is the practice of detecting and preventing confidential data from being "leaked" out of an organisation's boundaries for unauthorised use. Data may be physically or logically removed from the organisation either intentionally or unintentionally.

Over the last few years, companies in every industry sector around the globe have seen their sensitive internal data lost, stolen or leaked to the outside world. A wide range of high-profile data loss incidents have cost organisations millions of dollars in direct and indirect costs and have resulted in tremendous damage to brands and reputations. Many different types of incidents have occurred, including the sale of customer account details to external parties and the loss of many laptops, USB sticks, backup tapes and mobile devices, to name just a few. The vast majority of these incidents resulted from the actions of internal users and trusted third parties, and most have been unintentional.

As data is likely one of your organisation's most valuable assets, protecting it and keeping it out of the public domain is of paramount importance. In order to accomplish this, a number of DLP controls must be implemented, combining strategic, operational and tactical measures.

However, before DLP controls can be effectively implemented, your organisation must understand the answer to these fundamental questions:
1. What sensitive data do you hold?
2. Where does your sensitive data reside, both internally and with third parties?
3. Where is your data going?

This paper explores these questions and the challenges organisations face in relation to business drivers and regulatory obligations for protecting this data. We will share our point of view and approach to data loss prevention, along with insights and lessons learned from our experiences working with some of the most advanced companies in the world on data loss prevention practices.