Data Loss Prevention – Part 2

Introduction

The last blog post in this series examined what Data Loss Prevention (DLP) is and the three major data categories that DLP systems cover, which are as follows:

> In Use Protection;

> In Motion Protection;

> At Rest Protection.

In this blog post, we examine the controls that are needed to prevent data loss.

The Required Controls for Data Loss Prevention

Before any DLP technology can be evaluated, it is important to understand the controls that are needed for each of the data categories listed above.

Once this has been established, then the appropriate DLP software package can be selected and deployed.

The following matrices depict the necessary controls for each type of data:

Data in Motion

Focus Area                                        Technological Control

Perimeter security                                Firewalls, Proxy servers
Network monitoring                                Selected DLP technology
Internet access control                           Proxy servers, Content filters
Data collection and exchange with third parties   Secure email, Secure FTP, Secure APIs, Encrypted physical media
Use of instant messaging                          Firewalls, Proxy servers, Workstation restrictions
Remote access                                     Encrypted remote access, restrictions on use of remote access tools to prevent data leakage

Data in Use

Focus Area                                        Technological Control

Privileged user monitoring                        Event monitoring related to databases and application log files
Access/usage monitoring                           Event monitoring related to databases, application log files
Data sanitation                                   Data sanitation routines and programs
Use of test data                                  Data sanitation routines and programs
Data redaction                                    Data redaction tools
Export/save control                               Application controls

Data at Rest

Focus Area                                        Technological Control

Endpoint security                                 Operating system workstation restrictions, Security software
Host encryption                                   Full disk encryption tools
Mobile device protection                          Built-in security features, Third-party mobile device control products
Network/Intranet storage                          Access control software and permission control in all Operating systems, Databases and File storage systems
Physical media control                            Endpoint media encryption tools, Operating system workstation restrictions
Disposal and destruction                          Data erasure and Data wiping software

– ey.com

Conclusions

Our next blog post of the series will examine the important features of DLP Systems.

