Data Loss Prevention (DLP) can provide some powerful protection for sensitive information of an organization. DLP describes systems and technologies designed to detect and prevent potential data breaches, or attempts to move data outside an organization’s secure storage and systems, and beyond its control. It is intended to provide this protection in one direction (inside-out). It is not intended to protect you from receiving sensitive data, but rather it is intended to protect the data you already have.
The overall idea behind DLP is to watch for unauthorized attempts to access sensitive data and information, and to take all possible measure to block or prevent its egress at the organization’s perimeter. By implementing DLP you are about to invest a substantial amount of your company’s money, time and resources.
In general, data loss prevention systems provide three distinct types of protection:
- In-use protection applies when sensitive data is in use by applications or for service delivery, and generally depends on various types of user authentication to establish identity for those requesting access to the data, along with access control systems that permit or deny such requests depending on user identity, job role, and security policy governing such data.
- In-motion protection applies when sensitive data is in transit on a network of any kind, and generally depends on sufficiently strong encryption tools and technologies to mitigate the risk of eavesdropping, and to significantly lower the probability of a successful decryption attack.
- At-rest protection applies to data as it resides on some kind of persistent storage medium. This usually involves access controls to limit access to programs and users with a legitimate need to know, access monitoring to track and log all access to such information, and strong encryption to protect against theft or attack against the physical media where such data is stored.
With our DLP olution you can:
- Discover where data is stored across all of your cloud, mobile, network, endpoint, and storage systems.
- Monitor how data is being used, whether your employees are on or off the network.
- Protect data from being leaked or stolen—no matter where it’s stored or how it’s used.
Our DLP starts with a combination of advanced technologies that can accurately detect all of the confidential data in your organization—whether it’s at rest, in motion, or in use.