Data Loss Prevention Best Practices
Our businesses use an ever-increasing amount of data in their day-to-day operations. We use, collect, and share data for everything from accounting to marketing and customer communications. This data then flows in and out of our organisations to remote workers, partners, customers, and more. What's more, much of the data we hold is extremely valuable (intellectual property, for example), regulated, or highly sensitive, such as personally identifiable information that must be protected by law. This is where data loss prevention best practices come into play.
What is Data Loss Prevention (DLP)?
Data Loss Prevention (DLP) as a concept is a set of policies, practices and solutions that aim to prevent sensitive information from being lost, misused or accessed by unauthorised users. DLP strategies aim to protect not only against external threats but also against internal risks such as human error and accidental deletion of data.
DLP software uses rules to find and classify data so that levels of risk can be established, making it possible to put extra layers of protection in place where they are needed. DLP technologies can also automatically detect anomalous behaviour, identify policy violations, and trigger responses such as alerts and encryption.
Why Do You Need a DLP Solution?
With data breaches hitting the headlines on an almost daily basis, we are only too aware of the costs. When a data breach hits, it is not only financially damaging; it can also have a major reputational impact.
We must safeguard our data not only because it is a legal requirement, but to ensure it doesn't end up in the wrong hands. A wave of strict data protection regulations worldwide, such as the EU's General Data Protection Regulation (GDPR) and Australia's Notifiable Data Breaches Scheme, has made businesses even more accountable for the data they collect and process, with significant fines for non-compliance. However, keeping track of such a huge volume of data and gaining visibility of it can be a significant challenge, especially when multiple platforms, applications, and services are used simultaneously on many devices. This is where DLP solutions come into play.
DLP Best Practices You Should be Using
DLP solutions form a major part of an organisation's data protection strategy. They use technology to identify, monitor and analyse the storage and movement of data. But technology is only one component of an effective DLP strategy, which also depends on people and process. Some of the best practices every company should be using include:
Implementing a Centralised DLP Program
While most organisations realise the importance of DLP, it is often implemented in an ad-hoc fashion with various departments and teams doing their own things. When this happens, it is almost impossible to gain a holistic view of the organisation’s data assets, and a lack of visibility inevitably leads to weak data security. Organisations should implement a centralised DLP program to ensure that it is relevant to the whole business and its employees.
Conducting an Inventory Assessment
Before an organisation can protect its sensitive data, it needs to know what data it owns, where it is, and how it is stored. Data that is shared directly with customers or moves in and out of endpoints will be higher risk than data which resides in one secured area. Firstly, organisations need to evaluate the types of data they hold and their value to the business. They then need to classify the data to determine whether it is sensitive, such as confidential information or intellectual property. Finally, they need to determine the level of risk and cost associated with the data, should it be compromised. Each industry's regulatory code is a good starting point for designating and classifying its information.
Establishing Data Handling and Remediation Policies
Once data has been classified accordingly, businesses should determine what users are permitted to do with it. This will include:
- preventing unauthorised personnel from viewing or modifying data,
- protecting data when it is stored, in transit or in use,
- separating personal and corporate data.
Policies may dictate blocking sensitive data from being transferred via unsecured channels, limiting how sensitive data can be sent via email, and deleting or encrypting sensitive data found on unauthorised computers. Government regulations, such as HIPAA or GDPR, will dictate how certain categories of data must be handled. Policies and pre-configured rules should be enforced across the organisation, including a remote working policy backed by DLP tools that work outside the company network.
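As an added example (not InfoTrust's or Netskope's code), the following Python sketch shows the classify-then-enforce flow that the inventory assessment and handling policy sections describe: detectors assign a sensitivity tier to content, and a per-channel policy decides whether a transfer is allowed, encrypted or blocked and whether an alert is raised. The detector patterns, tiers, channel names and thresholds are constructed assumptions, not a product's rule set.

```python
import re

def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers; cuts false positives
    from random digit runs such as order references."""
    total, parity = 0, len(digits) % 2
    for i, ch in enumerate(digits):
        d = int(ch)
        if i % 2 == parity:          # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

# Constructed detectors: label -> (regex, validator, sensitivity tier 1..3).
DETECTORS = {
    "card_number": (re.compile(r"\b(?:\d[ -]?){13,16}\b"),
                    lambda m: luhn_ok(re.sub(r"[ -]", "", m)), 3),
    "confidential_marker": (re.compile(r"\bCONFIDENTIAL\b"), lambda m: True, 2),
    "email_address": (re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"), lambda m: True, 1),
}

def classify(text: str) -> dict:
    """Return {label: tier} for every detector that fires and validates."""
    found = {}
    for label, (pattern, valid, tier) in DETECTORS.items():
        if any(valid(m.group(0)) for m in pattern.finditer(text)):
            found[label] = tier
    return found

# Constructed channel policy: (highest tier allowed unchanged, action above it).
POLICY = {
    "internal_share": (3, "allow"),    # classified data may stay on internal shares
    "email_external": (1, "encrypt"),  # tier 2+ leaving by email must be encrypted
    "usb":            (0, "block"),    # no sensitive data on removable media
    "public_web":     (0, "block"),    # no sensitive data to unsecured channels
}

def evaluate(text: str, channel: str) -> dict:
    """Decide the remediation action for sending `text` over `channel`."""
    labels = classify(text)
    tier = max(labels.values(), default=0)
    threshold, action = POLICY[channel]
    decision = "allow" if tier <= threshold else action
    return {"channel": channel, "labels": sorted(labels), "tier": tier,
            "action": decision, "alert": decision != "allow"}

if __name__ == "__main__":
    # Constructed sample messages
    print(evaluate("Card 4111 1111 1111 1111 on file", "email_external"))
    print(evaluate("Order ref 1234 5678 9012 3456", "usb"))
```

A real deployment would add exact-match fingerprints and document labels to these regex detectors, but the decision path (label, tier, channel, action, alert) is the same.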
Setting Various Levels of Authorisation
Not only can sensitive data be stolen, but it can be accidentally overwritten or deleted by employees. Access management is vital to ensure that only authorised people have access to data within an organisation. Access to sensitive data should be limited to those who genuinely need to use it, depending on their roles and responsibilities. Authorisation should also be enforced by device, for example by blocking USB and other peripheral devices, or by enforcing encryption on them. DLP tools should enable organisations to set up different levels of authorisation based on users, devices, groups, or departments.
Investing in Educating Employees
Employee awareness and education should form a vital part of a successful DLP program. This should include classes, online training, and emails, not only to educate but to continually reinforce the message. With a regular training program in place, employees will have a better understanding of the importance of data security and the role that they play in it. Training can also be designed to address blind spots in employees' data security practices with real-life examples. And, in some instances, penalties for breaching data security can also be used to improve compliance.
How to Improve Your DLP Program
Having the right technology, tools, and processes in place is vital to your DLP program delivering on its promises. You need visibility of the types of data your organisation holds, and its movement across your business in order to create a well-planned strategy and deploy it successfully.
InfoTrust has teamed up with cloud security partner Netskope to help businesses with this problem. InfoTrust and Netskope are offering a complimentary workshop to show organisations how they can gain greater visibility of their data, assets and applications in order to protect them more effectively.
Contact InfoTrust today to find out more and set up a cloud risk workshop.