Data Loss Prevention (DLP) can provide some powerful protection for sensitive information of an organization. DLP describes systems and technologies designed to detect and prevent potential data breaches, or attempts to move data outside an organization’s secure storage and systems, and beyond its control. It is intended to provide this protection in one direction (inside-out). It is not intended to protect you from receiving sensitive data, but rather it is intended to protect the data you already have.
The overall idea behind DLP is to watch for unauthorized attempts to access sensitive data and information, and to take all possible measure to block or prevent its egress at the organization’s perimeter. By implementing DLP you are about to invest a substantial amount of your company’s money, time and resources.
In general, data loss prevention systems provide three distinct types of protection:
- In-use protection applies when sensitive data is in use by applications or for service delivery, and generally depends on various types of user authentication to establish identity for those requesting access to the data, along with access control systems that permit or deny such requests depending on user identity, job role, and security policy governing such data.
- In-motion protection applies when sensitive data is in transit on a network of any kind, and generally depends on sufficiently strong encryption tools and technologies to mitigate the risk of eavesdropping, and to significantly lower the probability of a successful decryption attack.
- At-rest protection applies to data as it resides on some kind of persistent storage medium. This usually involves access controls to limit access to programs and users with a legitimate need to know, access monitoring to track and log all access to such information, and strong encryption to protect against theft or attack against the physical media where such data is stored.
With Symantec Data Loss Prevention (DLP) you can discover, monitor and protect sensitive data wherever it’s used – in the office, on the road, or in the cloud. It gives you complete visibility and control across the broadest range of data loss channels: cloud apps, endpoints, data repositories, and email and web communications.
- Identifies any type of sensitive data with the most comprehensive data detection technologies ranging from fingerprinting to machine learning.
- Easily manage data loss policies and incidents across every channel – all from one powerful management console.
- Offers flexible deployment options for any type of environment: on-premises, private cloud, hybrid cloud or public cloud.
With Symantec DLP, you can:
- Discover where data is stored across all of your cloud, mobile, network, endpoint, and storage systems.
- Monitor how data is being used, whether your employees are on or off the network.
- Protect data from being leaked or stolen—no matter where it’s stored or how it’s used.
It is important to mention that Symantec DLP is a leader in Gartner’s Magic Quadrant for 10 Consecutive Times. Symantec has been named a leader with the highest scores in Forrester Wave and the top player in the Radicati Group- DLP market quadrant.
Symantec DLP starts with a combination of advanced technologies that can accurately detect all of the confidential data in your organization—whether it’s at rest, in motion, or in use.