Data Loss Prevention: A Step-by-Step Guide to Blocking Leaks
Industry reports show that 90% of all active Data Loss prevention (DLP) installations are running in ‘monitoring mode.’ Although they notify an organization at the time of the leak, they do not stop it. Raising the question, why are these DLP solutions not being employed to actively prevent data leakage? A function they were supposedly intended for. The reason behind this is the abundance of false positive rates, impacting an organization’s daily functionality. If the solution appears to be active, a ‘false positive’ prevents an employee from doing their work. Missed data leakages can be a result of raising false negatives. In order to effectively produce positive results, DLP solutions must be carefully prepared, here are the key steps to ensure a successfully implemented DLP solutions strategy.
Step 1: Do You Need a DLP Solution at the Moment?
Ask yourself if your organization at immediate risk of data loss? Technology is constantly updating and improving DLP solutions all the time. Therefore, the longer you can delay the solution the better the software.
Step 2: What Type of Solution Do You Require?
The industry offers a wide range of products promising to solve DLP, for example, hard drive encryption or end point port control solutions. These kinds of software aid in preventing data loss, however will not address the issue in the same manner a content-aware DLP solution does.
Types of Content Aware Solutions:
1. Single Channel solutions
- Targets one data loss channel eg. e-mail or web
2. Enterprise DLP solutions
- Time consuming
- Can lead to organizational disruption
- Achieves superior coverage
Although you may be an enterprise, you mustn’t assume your business needs an Enterprise DLP solution. There are multiple vendors widely available for email or web that will provide coverage.
Step 3: Protection
Identifying what you need to protect your business is a fundamental step in this process. If this is difficult to decipher, data discovery solutions will aid in your decision. Ensure you have control over the content saved, as this will help you in the future.
Step 4: Why does your content need protecting?
Protection can take many forms, whether it is due to Intellectual property (IP) or for compliance reasons, identification at this stage can shape how it is reported on.
- Meeting data coverage e.g. credit card number and personal information as required for PCI and DSS.
- The Solution may need to recognize source code or CAD files
- Ensure the solution provides appropriate coverage (don’t take the vendors word for it)
- Testing is crucial here
Step 5: How is your Data Currently Lost?
This will allow you to determine the type of product to use, does it involve, email, web? Or, the use of USB sticks? Here, you must ensure you don’t attempt to solve all possibilities for data loss. Instead you’re aiming to break the cycle of accidental data loss. Ceasing deliberate data loss is more difficult and can negatively impact your business. It is also imperative to take into account remote users and their off-site devices.
Step 6: Creating a Policy
Once the above has been established, it is important to implement a policy that recognizes the content, and how it will be controlled. The previous steps outlines what should be included in the policy to prohibit internal information from being leaked.
Step 7: Testing
It all comes down to testing. While your fine tuning controls, it pays to run the testing in monitoring only mode. This will aid in identifying policy details and how it is enforced in the future.
Step 8: Policy Communication
Communicating your policy to your employees is an imperative component for the success of the project. Your employees must understand why these controls have been implemented, as they will affect them everyday. Gather their feedback concerning the controls and how you can minimizes its impact on their workload.
Step 9: Policy Enforcement
At this point you have successfully constructed, tested and communicated the policy. It’s at this point where you can move away from monitoring and initiate the policy. Schedule and release them, prioritize them in importance and don’t activate them all at once. This stage needs copious coverage, to amend any complications. This will impact your employees, make sure you support them during this stage.
Step 10: Future Proof Your Organization
Keep a close eye on DLP solution improvements, keeping up to date will ensure you have the best controls in place. Be on the hunt for improved ways to classify content or different types of content saved. As you continue to implement new applications, consider how you can simplify the DLP controls required. Following these steps will put your organization at the forefront, blocking leaks, allowing your business to focus on the important stuff.
Partner with Royal IT to Find the Best Solution
Royal IT can help you develop and implement a data loss prevention solution that suits your business and your needs. To discuss a suitable data loss prevention strategy or if you have any questions, feel free to contact us.