Data Leak Prevention
Your data. Your control.
What is DLP
Data leak / loss prevention detects potential unauthorised data breaches and prevents them by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), or at-rest (data storage).
In data leakage incidents, sensitive data is disclosed to unauthorized parties by either malicious intent or an inadvertent mistake. Sensitive data includes private or company information, source code, sales or marketing materials, financial data and other sensitive information.
Endpoints – the leak points
The most vulnerable source of data leakage are employee endpoints. Insider threats amount to a significant ratio of all data breaches. According to Intel Security’s report on data theft, 43% of data loss were due to internal actors (employees, contractors, and 3rd party suppliers).
Office documents are the most common format of data stolen by internal actors, because these are stored on employee devices and organizations place few controls on the data once it is no longer in a database.
The same report also cited its survey that 64% of security professionals felt DLP technology could have prevented these exfiltration events.
Prevent data leakage
DLP solutions use rules & policies to classify and protect confidential and critical information so that unauthorized end users cannot accidentally or maliciously share data whose disclosure could put the organization at risk.
For example, if an employee tries to forward a business email outside the corporate domain or upload a corporate file to Dropbox, the employee would be denied permission and the exfiltration attempt would be alerted to the IT administrator. They can also control data leaked via email, social media, instant messaging, etc. Plus, blocking access to physical media like USB and SD cards are included too.