By Samantha Agather, Information Security Analyst – Intrinium
The Suite Life of Data Loss Prevention Services
One of the worst outcomes of a security incident that materializes risk to a business is data loss, whether it’s an internal resource accidentally sending an email to the wrong client or through someone taking data via a USB drive. Many security companies offer services to detect and even prevent data loss through those kinds of methods, and methods a little less common.
These companies can also offer services to monitor Data Loss Prevention (DLP) and report when they detect suspicious activity.
Ok, I’m interested. What is it?
The DLP service can either be a specific device or a piece of software configured to monitor either one endpoint or more for files being transferred or for network traffic like emails containing attachments or data that shouldn’t be going to the person it’s addressed to.
Analysts of a third party will go through and review these alerts, escalating them to your company with the information of who sent the email/who was copying information.
Ok, so what’s it do aside from that?
The DLP sifts through network traffic and monitors computers, searching for traffic that appears out of the ordinary or that have been specifically flagged as suspect. If it detects something abnormal, it will generate an alert and respond accordingly to the severity of the potential leak. The effectiveness of the solution is naturally dependent on your architecture (where are you analyzing information, are you decrypting encrypted traffic, etc.)
Ok, so what other benefits are there?
Implementing DLP services will help detect and reduce potential data egress, whether it’s company information or customer information. A successful outcome of DLP is that you can mitigate or reduce significant risk to your business. If your company opts to get the monitoring service along with the DLP service, this will allow you to utilize resources from your company for more critical projects. You naturally should look for a partner that can analyze these alerts within the context of your business!
Let’s go deeper into the security part of this.
Data egress from internal sources accounts for more than 80% of incidents, and it’s usually through human error, such as typing in the wrong email address. Having a security fallback to help prevent human error is one of the best ways to prevent data egress. The rest relies on Event Management, Intrusion Prevention, and your firewall to keep external forces from getting in and getting your data.
If you are in the market for a Trusted Advisor to assist with DLP services and monitoring solutions, we are here to help make your business more productive and assist in optimizing profitability.