DLP

What is Data Loss Prevention (DLP)?

Data Loss Prevention (DLP) is a process of identifying critical data within your organization and putting controls in place to prevent unauthorized access or deletion of that data.

Data Loss Prevention (DLP) can be used to protect sensitive data against theft or misuse, for example by hackers specializing in extortion, or malicious employees or industrial espionage.

Data Loss Prevention (DLP) tools are available as standalone solutions or in combination with other security products.

DLP Complementary to Detection & Response

Solutions DLP is a preventative measure that uses data classification and policies to identify sensitive data, then put controls in place to prevent unauthorized access or deletion of that information . Each type of DLP technology has its own strengths and weaknesses, but they are all designed to protect sensitive data from theft or misuse.

The first step in implementing DLP is to define the assets to be protected from exposure. This should include physical media such as laptops, USB drives, CDs/DVDs, etc., as well as virtualized resources such as cloud applications (eg Salesforce). Once this list is established, you can begin to evaluate the different technologies available to protect these assets based on factors such as cost effectiveness and ease of use.

Remember: Data loss prevention is a valuable source for focusing operational security efforts

Like cyber intelligence, DLP is not just a tool but a process and a habit. It makes it possible to identify upstream the critical points on which to reinforce security, and finely orient the cybersecurity system to place efforts where the challenges lie.

A DLP solution uses analytics and rules to identify what should and should not leave the network. It can also be used with other security tools, such as firewalls and intrusion detection systems, to better protect your company’s most valuable asset: its data.

Conclusion

While nearly one out of two cyberattacks involves data theft or blackmail, DLP solutions are vital but not sufficient. To make the most of them, they must be coupled with quality operational intelligence and a supervision system that will be able to break down the silos between the various control points of the information system.

Thanks for reading this glossary!
Discover other content that may interest you:

What is a SIEM?

What is an EDR?

What is an IoC?

What is Cyber Threat Intelligence (CTI)?