Introduction
Our last blog post of this series examined what Data Loss Prevention is, and the three major types of data categories of DLP Systems which are as follows:
> In Use Protection;
> In Motion Protection;
> At Rest Protection.
In this blog post, we examine the controls that are needed to prevent data loss.
The Required Controls for Data Loss Prevention
Before any DLP technologies can be evaluated, it is first important to understand the controls that are needed for each focus area of the data described in the last section.
Once this has been established, then the appropriate DLP software package can be selected and deployed.
The following matrices depict the necessary controls for each type of data:
Data in Motion
Focus Area Technological Control
Perimeter security | Firewalls, Proxy servers |
Network monitoring | Selected DLP technology |
Internet access control | Proxy servers, Content filters |
Data collection and exchange with third parties | Secure email, Secure FTP, Secure APIs, Encrypted physical media |
Use of instant messaging | Firewalls, Proxy servers, Workstation restrictions |
Remote access | Encrypted remote access, restrictions on use of remote access tools to prevent data leakage |
Data in Use
Focus Area Technological Control
Privileged user monitoring | Event monitoring related to databases and application log files |
Access/usage monitoring | Event monitoring related to databases, application log files |
Data sanitation | Data sanitation routines and programs |
Use of test data | Data sanitation routines and programs |
Data redaction | Data redaction tools |
Export/save control | Application controls |
Data at Rest
Focus Area Technological Control
Endpoint security | Operating system workstation restrictions, Security software |
Host encryption | Full disk encryption tools |
Mobile device protection | Built-in security features, Third-party mobile device control products |
Network/Intranet storage | Access control software and permission control in all Operating systems, Databases and File storage systems |
Physical media control | Endpoint media encryption tools, Operating system workstation restrictions |
Disposal and destruction | Data erasure and Data wiping software |
– ey.com
Conclusions
Our next blog post of the series will examine the important features of DLP Systems.