Data Loss Prevention: Where Do We Go From Here?
by Joseph Ansanelli - VP Data Loss Prevention Solutions, Symantec - Monday, 24 March 2008.
DLP is fast becoming one of the most overused yet misunderstood acronyms in an industry known for its cryptic abbreviations. The popular label for data loss prevention is appearing on a puzzling variety of security products, adding to the confusion and hype.

For CIOs, however, solutions that prevent the loss of critical data demand serious examination. After all, it is the CIO who is responsible for the company’s information, and preventing it from being lost. To that end, the CIO must also be able to identify the tools that will enable them to strategically plan and effectively execute on a program to substantially reduce the risk of data loss.

Meanwhile, the debate continues over where DLP should be deployed: on the network or the endpoint? What about stored data? And does it matter whether DLP is deployed as a standalone solution or as a feature in a broader product portfolio? To address those questions, organizations must first understand what DLP is, why it is important, and how it works.

What is DLP?

DLP solutions help CIOs and CISOs answer three very basic questions: Where is my confidential information? How is this data being used? And how can I best prevent it from being lost?

To answer these questions, Data Loss Prevention (DLP) DLP does three basic things: (1) deep content inspection, (2) automatic protection of sensitive data across endpoint, network and storage systems, and (3) incident response workflow to enable corrective action with employees.

DLP allows you to see which databases, file servers, laptops and desktops hold sensitive data. It tells you when someone is sending out source code via email or copying a customer list to a USB drive. And it allows you to enforce policy by blocking network transmissions that contain confidential data, preventing copies to USB drives, iPods and the like, and automating other enforcement actions such as sender notification, routing of emails for encryption, and ensuring that sensitive data is not left exposed on file systems.

Why DLP?

Today, unlimited access to the Internet and unprecedented mobility are changing the global landscape. In this new, wide open world, information can be easily shared and accessed anytime and anywhere by employees, partners, consultants, outsourcers, and more.

Homes are outfitted with high-bandwidth Internet connections that enable workers to easily transfer large amounts of data to and from the office. Mobile devices are smaller yet more powerful than ever. Today it is possible to copy the personal data of every U.S. citizen onto and iPod and still have room for music. Sensitive data may be sent through unprotected Web email. Confidential files may be exposed on a shared server or copied to a laptop that is then taken home or on the road.

However it occurs, the loss of data can be devastating to a company. Just ask any of the growing number of businesses who have experienced data breaches. According to a 2007 Ponemon Institute study, the average cost of a data breach is just under $200 per record. Considering that nearly 219 million records of U.S. residents have been exposed due to security breaches since 2005, according to Privacy Rights Clearinghouse, the cost to business is staggering.

DLP solutions are specifically designed to avert such disasters. Wherever data lives—whether it is in transit on the network, at rest in storage, or in use on the endpoint—DLP can significantly reduce the risk of its loss. What’s more, the most advanced DLP solutions go beyond protecting information to also help identify risk, establish policies and processes, educate users, and integrate security technologies and controls.


Critical bug found in Cisco ASA products, attackers are scanning for affected devices

Several Cisco ASA products - appliances, firewalls, switches, routers, and security modules - have been found sporting a flaw that can ultimately lead to remote code execution by attackers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 12th