Data Loss Prevention software can automatically identify personal information, such as credit card numbers, or intellectual property. It can prevent the attempted transfer, encrypt it, alert the network administrator, or any combination of the above. It can also prevent employees from transferring this information to insecure consumer cloud storage such as Dropbox. Implementing DLP policies and software can be a large investment of time as well as money, so it is best to learn as much as you can in order to identify the right plan for your company’s needs and available resources.
Data Loss Prevention solutions work to keep online data transfers secure and to prevent sensitive information from being transferred out, using a trusted SSL certificate for HTTPS inspection of outgoing traffic. Data Loss Prevention, or DLP, can refer either to internal strategies to this end or to software products that help a network administrator prevent these unwanted transfers. This software uses established business procedures to identify confidential data in order to prevent either accidental or malicious data transfers by employees and users.
There are three main points – get to know the DLP solutions market, establish your own company’s exact needs, and gain a basic understanding of DLP technology. Taking these steps first will ensure you know what to look for when approaching vendors.
Get Informed –
There are many options in the DLP industry to suit different needs and budgets. Research will be necessary to figure out what is best for your own company. There are solutions that offer a wide range of support and features. In order to understand your company’s needs, it is important to understand the basics of how data moves around the environment. These analysts can provide this understanding, allowing you to make an informed choice.
It is also important to use your own professional network to gather real-life information about what has or has not worked for your peers in terms of DLP strategies. Once you have a few choices in mind, ask for preliminary pricing estimates. By and large, most companies spend more than they need to, using an overkill approach to DLP. This can be expensive, difficult to maintain, and may require infrastructure that will incur unforeseen costs.
For example, make sure you understand all the hardware and architectural requirements for deploying a desired DLP plan. Many vendors will simplify or even dumb down information on these requirements, leaving buyers to discover after purchase that they need additional servers, appliances, or virtual machines. These requirements, if unanticipated, can derail a DLP plan entirely. Before choosing a plan, ask vendors for a complete architectural map including hardware requirements, which will allow you to compare the real costs of using different vendors.
Another factor to understand before making a choice is professional implementation services. Many vendors offer professional help with implementing DLP services. It is important to know before making a choice what this will cost, and what exactly your company will be paying for. Be sure to find out:
- Exactly what implementation services are provided, and the hours provided for each item.
- Establish exactly what DLP policies will be instituted – consider every possible data violation you intend to prevent – and get as much help from these professionals as possible while they are on-site.
- Ensure your provider has the technical skill to implement their own proposed deployments. This is a problem which arises more often than you would think.
- Establish what detection methods will be implemented. Often, the most effective methods of detecting sensitive information will be the most complex to implement.
Classify requirements –
This involves examining the needs of your company, not just in terms of DLP needs, but also in adapting to the changes a solution may bring to the daily operations of your employees.
Examine the need for transparency, in terms of what employees and users can expect after the installation of a DLP solution. How will the DLP solution change their use of data? How might it complicate daily operations? A certain amount of sacrifice in these areas may be desirable, but it is essential to take these factors into account ahead of time, and to communicate expectations.
Be aware of any changes in performance which might come with implementation. Certain DLP policies will impact performance of the network and servers.
Consider compatibility issues – including any systems and applications your DLP will need to support. For example, most DLP vendors do not support Mac OS – if this is a requirement, you will need to find one that does.
Figure out security needs – Your company may have specific security requirements. You may want to alert security staff to transfers of sensitive information, without automatically blocking or encrypting them. You may only be concerned about larger quantities of sensitive data. You may be primarily concerned about USB transfers from disks, or more about cloud-based storage. Define these needs specifically before shopping for vendors.
Understand the basics of DLP technology –
In order to make informed choices between vendors, gain a basic understanding of DLP options. Make sure your vendor does too.
Full Suite DLP solutions were developed from the start with Data Loss Prevention specifically in mind. Full Suite solutions can offer greater protection across protocols, including HTTP, FTP, and secure HTTPS transfers. Early Full Suite DLP focused on pattern matching in text to detect sensitive information in need of protection. This pattern matching was effective in preventing data loss, but led to many false positives. One newer detection method, data fingerprinting, is now favored. This method stores a one-way hash of the sensitive data on the DLP system. It then analyzes content, either in databases or as unstructured data, and compares it with the stored hashes. It is extremely accurate in detecting sensitive information.
Channel DLP solutions were often created with a purpose other than DLP in mind, but adapted to prevent data loss. This category can include email security solutions, device control software, and secure web gateways. These solutions are often limited in their detection methods, focusing on pattern matching, which is often outpaced by newer methods. They are also often totally ineffective for other protocols such as HTTP, FTP, and HTTPS.
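The difference between the two detection methods can be seen in a short Python sketch. This is an added example, not code from any DLP product: the function names, the key, and the sample values are constructed for illustration, and it covers only exact matching of structured records, not fingerprinting of unstructured documents.

```python
import hashlib
import hmac
import re

# Assumption: a secret key held only by the DLP system. A keyed hash keeps
# low-entropy values such as card numbers from being brute-forced out of a
# stolen fingerprint index.
INDEX_KEY = b"constructed-demo-key"

# Pattern matching: any 16 digits, optionally separated by spaces or hyphens.
CARD_LIKE = re.compile(r"\b(?:\d[ -]?){15}\d\b")

# Constructed sample data: one protected record and one outgoing message.
PROTECTED = ["4111 1111 1111 1111"]
OUTGOING = "Order ref 1234567890123456 shipped; card 4111-1111-1111-1111 charged."


def pattern_match(text):
    """Return every substring that merely looks like a card number."""
    return [m.group(0) for m in CARD_LIKE.finditer(text)]


def fingerprint(value):
    """One-way keyed hash of the value with formatting stripped."""
    digits = re.sub(r"\D", "", value)
    return hmac.new(INDEX_KEY, digits.encode(), hashlib.sha256).hexdigest()


def build_index(protected_values):
    """Store only hashes of the protected records, never the records."""
    return {fingerprint(v) for v in protected_values}


def fingerprint_match(text, index):
    """Return only the candidates whose hash is in the stored index."""
    return [c for c in pattern_match(text) if fingerprint(c) in index]


if __name__ == "__main__":
    index = build_index(PROTECTED)
    print("pattern matching flags:", pattern_match(OUTGOING))
    print("fingerprinting flags:  ", fingerprint_match(OUTGOING, index))
```

Pattern matching flags the order reference as well as the card number, while the fingerprint lookup flags only the value that is actually in the protected set, even though its formatting differs from the stored record.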
Another area in which it is helpful to understand the technologies of DLP solutions is that of architecture. The architecture, or framework, of DLP solutions can either entail a modular approach or a unified one. Modular architecture was the first to develop in the early 2000s, as different components of DLP developed separately for large companies. The modular approach can be very effective, but can incur high costs for smaller companies without existing infrastructure. Hardware costs can skyrocket since many components do not support virtual deployment.
Unified architecture, on the other hand, is a simplification of these earlier approaches that can lower costs and simplify the process for smaller companies. The savings come from lower management overhead and a need for fewer servers.
A basic understanding of these technical aspects can help you make sure you ask vendors the right questions, and ensure you get the most appropriate solution for your company’s needs and resources.
Just like any large investment for your company, choosing a DLP solution is not always simple. However, the risks of making this decision without the right preparation could be serious – from failing to implement a solution entirely, to overpaying for years to come for making the wrong choice.
There is no universal answer either – different solutions will be appropriate for different companies. However, with these 3 steps, you can start your search armed with the information you need before even talking to vendors. Understand your options in the market of DLP solutions, understand your own company’s needs as precisely as possible, and gain a basic understanding of how these different DLP options work. Only then will you be able to understand the real costs and benefits of what vendors may offer. This will help you avoid the pitfalls into which many companies fall when choosing a DLP solution.