Being able to automatically enforce policies is a big key to the value of DLP. It gives you the ability automatically route an email to an encryption gateway, for instance, or move an obsolete file containing sensitive data that has been left exposed on a file system—all based on policy.
One of the most overlooked benefits of DLP is its ability to reduce risk by strengthening what has long been considered the most vulnerable element in any organization—its people. Virtually all data breaches involve people and the processes they follow, or don’t follow, when handling information. The vast majority are caused by people who are either unaware of policy or are simply following a business process that is not secure.
Either way, DLP protects the data according to policy and prevents its loss. But it also goes a giant step further and remediates the incident by notifying the employee of his or her error in real time and then suggesting corrective action. Such on-the-spot correction can not only change the behavior of the employee but it can also have a positive impact on the behavior of others with whom the person interacts.
It works. In fact, one Fortune 100 company noted a 90 percent drop in data loss incidents just 10 days after turning on the automated user notification capabilities within DLP.
Standalone vs. Feature
As organizations increasingly turn their attention to the challenge of preventing data loss, many are asking whether DLP is most effective as a standalone solution or as part of a broader suite of security products. The answer is yes, there will continue to be a market for standalone DLP, because data loss is a pressing problem that demands a targeted solution—one that leverages a common foundation with the same policy management, detection, incident response workflow, and reporting capabilities across network, storage, and endpoint systems.
And yes, such unified, integrated DLP solutions will likely also become a critical component in more comprehensive portfolios for information-centric security. An information-centric security program includes keeping the bad things out, so you still need a defense-in-depth strategy that relies on the traditional security solutions like antivirus software and antispam programs. But information-centric security is also about keeping the good stuff in, and that means being able to protect information at rest, in motion, and in use. To do that, security and storage solutions will need to work hand-in-hand. DLP is the linchpin that will make this vision of information-centric security a reality.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.