With a DLP solution, an organisation can monitor email, printers, http/s, instant messaging, and a variety of other commonly used protocols to discover where information is transmitted and by whom, and audit business processes to increase efficiencies, redefine policies and workflows, and reduce the risk of a leak.
DLP solutions use policy-based enforcement to protect data in use and in motion with pre-defined automated enforcement capabilities. Organisations can leverage policy design wizards to block, encrypt, quarantine, notify, and/or remediate an infraction. This flexibility allows administrators to create more efficient information workflows that map to internal business processes (e.g. a manager and/or content owner can approve/deny a subordinate request to send data, and/or receive a notification following a breach).
Work with a solution provider to implement the right technology
Implementing a DLP solution requires an investment in time, money, and training. To ensure the success of the project, organisations should solicit the advice and support of certified solution providers, which are trained and experienced in recommending and deploying leak prevention solutions.
Successful deployments require the integration of the technology with business processes – a feat which requires time and expertise to avoid disrupting the core business. Solution providers can help overcome these and other obstacles by providing valuable services, including risk assessment, policy and compliance management and auditing, deployment, and employee training. The following chart provides a checklist of the features a DLP solution should include:
-Vendor Evaluation Chart
-Feature and functionality
-Content aware technology
-Accurate identification and classification
-Multiple detection methods
-Low number of false positives
-Discovery, monitoring, and prevention for data in motion, at rest, and in use
-Protection against accidental, intentional, and malicious leaks
-Data and meta data protection for documents and databases
-Simplicity and management
-Integrated solution (reporting, discovery, monitoring, and enforcement)
-Deployment time and required administration
-Integration with complementary technologies and infrastructure
-Pre-built policy templates (including regulations)
-Scalable solution with both user and data policy management
-Established, recognised leader in content security industry
-Global support and continued investment in R&D
For value-added partners, ultimately, when deploying a DLP solution at a customer’s site, it’s important to consider the requirements of the organisation, taking into account such variables as the type of information being protected, communication technologies in use. Data loss is a problem that affects the entire organisation and not just IT.
Human resources, legal, accounting, finance, and other business units are often involved in the purchase, if not the implementation of a loss prevention solution. When evaluating solutions it is important to consider requirements specific to the customer and their existing architecture.
The problem of data loss
By Staff Writers on Apr 30, 2008 11:28AM
This article appeared in the 28 April, 2008 issue of CRN magazine.
In The Spotlight
Page 2 of 2 | Single page
Got a news tip for our journalists? Share it with us anonymously here.