{"id":1649,"date":"2019-03-28T10:37:51","date_gmt":"2019-03-28T15:37:51","guid":{"rendered":"https:\/\/media-moon.com\/blog\/?p=1649"},"modified":"2019-12-05T11:25:49","modified_gmt":"2019-12-05T17:25:49","slug":"data-loss-prevention-part-1","status":"publish","type":"post","link":"https:\/\/media-moon.com\/blog\/data-loss-prevention-part-1\/","title":{"rendered":"Data Loss Prevention \u2013 Part 1"},"content":{"rendered":"<p>To any business or corporation, information and data are the blood flow of daily operations.<\/p>\n<p>Data consists of market intelligence as it relates to your competition, sensitive customer information (such as contact info, credit card\/banking numbers, etc.), and even your own internal data.<\/p>\n<p>Safeguarding all of this is a must, not only to keep it from being hacked, but also to make sure that only authorized users have access to it.<\/p>\n<p>This is technically known as \u201cData Loss Prevention\u201d, or \u201cDLP\u201d for short.\u00a0 A specific definition is as follows:<\/p>\n<blockquote>\n<p><span style=\"font-size: inherit;\">&#8220;It is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.\u00a0DLP software classifies regulated, confidential and business critical data and identifies violations of policies&#8230; typically driven by regulatory compliance such as HIPAA, PCI-DSS, or GDPR. 
Once those violations are identified, DLP enforces remediation with alerts,\u00a0encryption, and other protective actions to prevent end users from accidentally or maliciously sharing data that could put the organization at risk.&#8221;<\/span><\/p>\n<\/blockquote>\n<p>(SOURCE: <a href=\"https:\/\/digitalguardian.com\/blog\/what-data-loss-prevention-dlp-definition-data-loss-prevention\">https:\/\/digitalguardian.com\/blog\/what-data-loss-prevention-dlp-definition-data-loss-prevention<\/a> )<\/p>\n<p><em>The Basic Concepts of DLP<\/em><\/p>\n<p><span style=\"font-size: inherit;\">There are three types of DLP Systems that are used today in organizations, and they are as follows:<\/span><\/p>\n<ul>\n<li>In Use Protection:<\/li>\n<\/ul>\n<p><span style=\"font-size: inherit;\">This is the information\/data that is generally used on a daily basis by authorized users or even software applications within the organization.<\/span><\/p>\n<p>Typically, these types of datasets are used to deliver products and services to customers as they are being requested or purchased.<\/p>\n<p>This type of information is normally encrypted constantly, so that if it were to be intercepted by a malicious third party, it would remain in a garbled and undecipherable state.<\/p>\n<ul>\n<li>In Motion Protection:<\/li>\n<\/ul>\n<p>This is the information\/data that is in transit across a particular network segment, and typically requires a higher level of encryption given its dynamic nature, to protect against any form of eavesdropping and decryption-related attacks.<\/p>\n<p>The basic rule of thumb here is that the more sensitive (or even more valuable) the information\/data is, the higher the level of encryption that is needed.<\/p>\n<ul>\n<li>At Rest Protection:<\/li>\n<\/ul>\n<p>This is the information\/data that is not actively being used in any form, and as a result, it typically resides on a server.<\/p>\n<p>These datasets 
still need to have some layer of encryption, but not to the level of the data that is In Use or In Motion.<\/p>\n<p>At this point, it is important to apply the principle of \u201cNeed to Know\u201d access, so that only those employees who have to have access to these datasets are granted it.<\/p>\n<p>The diagram below further illustrates these three concepts:<\/p>\n<figure class=\"wp-block-image size-full is-resized\"><img decoding=\"async\" class=\"wp-image-1746\" src=\"https:\/\/media-moon.com\/blog\/wp-content\/uploads\/2019\/12\/DAR_v_DIU.jpg\" alt=\"\" width=\"600\" srcset=\"https:\/\/media-moon.com\/blog\/wp-content\/uploads\/2019\/12\/DAR_v_DIU.jpg 815w, https:\/\/media-moon.com\/blog\/wp-content\/uploads\/2019\/12\/DAR_v_DIU-300x199.jpg 300w, https:\/\/media-moon.com\/blog\/wp-content\/uploads\/2019\/12\/DAR_v_DIU-150x99.jpg 150w, https:\/\/media-moon.com\/blog\/wp-content\/uploads\/2019\/12\/DAR_v_DIU-768x509.jpg 768w, https:\/\/media-moon.com\/blog\/wp-content\/uploads\/2019\/12\/DAR_v_DIU-640x424.jpg 640w\" sizes=\"(max-width: 815px) 100vw, 815px\" \/><\/figure>\n<p>(SOURCE:\u00a0 <a href=\"https:\/\/en.wikipedia.org\/wiki\/Data_at_rest\">https:\/\/en.wikipedia.org\/wiki\/Data_at_rest<\/a>)<\/p>\n<p><em>Conclusions<\/em><\/p>\n<p><a href=\"https:\/\/media-moon.com\/blog\/data-loss-prevention-part-2\/\">Our next blog post in this series<\/a> will examine these three types of data sets in more detail, as well as the controls that are required to protect them.<\/p>\n<hr \/>\n<p>\u00a0<\/p>\n\n","protected":false},"excerpt":{"rendered":"<p>To any business or corporation, information and data are the blood flow of 
daily operations. Data consists of market intelligence as it relates to your competition, the sensitive customer information (such as contact info, credit card\/banking numbers, etc.), and even your own internal data. Safeguarding all of this is a must, not only from it [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":1748,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[146],"tags":[181,147,18,17,272,93],"class_list":["post-1649","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-business-continuity","tag-backup-and-disaster-recovery","tag-continuity","tag-data","tag-data-loss","tag-data-loss-prevention","tag-prevention"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/media-moon.com\/blog\/wp-json\/wp\/v2\/posts\/1649","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/media-moon.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/media-moon.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/media-moon.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/media-moon.com\/blog\/wp-json\/wp\/v2\/comments?post=1649"}],"version-history":[{"count":0,"href":"https:\/\/media-moon.com\/blog\/wp-json\/wp\/v2\/posts\/1649\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/media-moon.com\/blog\/wp-json\/wp\/v2\/media\/1748"}],"wp:attachment":[{"href":"https:\/\/media-moon.com\/blog\/wp-json\/wp\/v2\/media?parent=1649"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/media-moon.com\/blog\/wp-json\/wp\/v2\/categories?post=1649"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/media-moon.com\/blog\/wp-json\/wp\/v2\/tags?post=1649"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}