Enabling a Productive, Mobile Workforce with Data Loss Prevention
The rapidly increasing number of security breaches and data loss incidents is driving companies to implement data loss prevention (DLP) solutions as part of their overall endpoint security systems to prevent sensitive information from making its way out of the corporate network. Data must be accessible to mobile workers, partners, and the supply chain, but at the same time a company must prevent that data being accidentally or intentionally delivered into the wrong hands. Consequently, DLP software has become just as important as antivirus, host intrusion prevention, firewalls, and other security technologies and must be incorporated into an overall enterprise security system.
As more organizations look to incorporate this promising technology into their infrastructure, it is critical to understand what makes some DLP solutions more effective than others. The most comprehensive DLP tools enable organizations to discover data as well as monitor, protect and manage it.
Locate Sensitive Data
The proliferation of mobile computing devices as well as the use of portable media, such as USB flash drives, signal that today’s workforce is becoming more and more mobile. In such an environment, simply knowing which desktops, laptops, or other devices contain the most sensitive data is a monumental challenge. Worse yet, it is impossible to track how sensitive information is being accessed and manipulated without first knowing where that information is stored across the thousands of laptops, desktops and other endpoints in the enterprise. Indeed, unless such information is first found, it cannot be secured.
DLP addresses this challenge by providing visibility into where confidential data is stored. DLP scans for sensitive data on the endpoint, whether local or remote and regardless of whether the user is on or off the network. Armed with this information, IT can then take steps to inventory, secure or even relocate this data.
Furthermore, by pinpointing systems on which the most sensitive data is found, DLP also makes it easier to prioritize which laptops and desktops need encryption.
Track Data Use
Once sensitive data is located, its use must also be monitored to ensure that it remains private. To that end, DLP tracks how confidential data is being used at the endpoint, whether or not that endpoint is attached to the network.
DLP monitors files that are downloaded to local drives, copied to USB or other removable media, or burned to CD/DVDs as well as data transferred over email, IM, FTP or HTTP. It also monitors for sensitive information that is copied, pasted, printed, or faxed electronically.
DLP takes the guesswork out of secure data handling.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
DLP is only as good as the detection engine
All enterprises need to know the DLP solutions' False Positive and False Negative Rates! If it's not zero, look elsewhere.GTB Technologies DLP- virtual zero false positive rate
What is Symantec's data loss prevention (DLP)'s false positive rate?