DLP Experts News

All-New Q2 Webinar Series

We have developed a new series of DLP webinars designed to provide relevant and practical guidance that can be acted upon for immediate impact in any organization. Topics include DLP Complexities: Unplugged and DLP Technical Requirements Review. Click here for info and to register!

Listen to the rebroadcast of DLP Experts, CA and Capella University in the (ISC)² ThinkTank on Integrated Data Governance: Identity Aware Data Protection and Control from December 14, 2010.

DLP Experts' Jared Thorkelson visits once again with Tom Field of BankInfoSecurity.com for a podcast entitled The True Value of Data Loss Prevention.

Read the new feature article by DLP Experts on infosecurity.com, Simplifying Data Loss Prevention.

Download the new DLP Experts White Paper sponsored by Blue Coat entitled, The Evolution of Data Loss Prevention: Reducing Complexity.

Jared Thorkelson of DLP Experts presented at the recent (ISC)²® e-Symposium, Assets vs. Liabilities - Managing the Insider Threat, on the topic of Effective Employee Management for Better Data Protection.

Also see these DLP Experts archived events:

Effective Employee Management for Better Data Protection - "This e-Symposium was, without a doubt, superior to many others...These topics cannot be overly emphasized. Thanks a ton - Keep preaching it!"

The Truth About DLP

Building a Solid Foundation for DLP

Understanding the Limitations of DLP

See DLP Experts in the recent BrightTALK Data Loss Prevention Summit. View the archived event.

DLP Experts' interview and podcast with founder, Jared Thorkelson, on BankInfoSecurity.com. Listen to the archived event.

DLP.HQ

This forum, DLP.HQ, is open to all visitors to read, post and comment. 

Announcing the recent release of DLP.BOX, a free subscription service providing information on DLP, including a DLP User-Only Forum, the first of its kind. Already a member of DLP.BOX? Login or sign up here.

Entries in DLP Myths (2)

Thursday, Sep 02, 2010

DLP Myth #5: DLD is the same thing as DLP

It may surprise you to find that many DLP enforcement technology implementations are not even DLP; they're DLD, data loss detection.  Too many companies forget that the "P" stands for prevention.  Blocking.  Frankly, it's not really the end user's fault but rather the vendors' responsibility.  There are a couple of critical elements at play in this discussion:

  • Inaccuracy is often the reason blocking never gets enabled.  If a vendor's DLP technology does not prove accurate, turning on blocking is far too risky for the end user, because inaccurate blocking will impede normal business processes.  Unfortunately, a DLP vendor is only as good as its capacity for accurate detection.  Keep in mind that not all DLP detection is created equal.  (We'll discuss this topic in a later post.)
  • Most DLP enforcement technologies are limited in what they can block:  SMTP, FTP, HTTP, HTTPS and other proxiable protocols.  This is true of the biggest names in DLP and is not something that's commonly known among buyers of DLP technologies.  Since this is the case among most vendors, analysts accept it as a limitation of DLP, and since the analysts help shape the expectations of the marketplace, most buyers accept the limitation (once they finally know about it).  The limitation lies in the core technologies of these vendors, which depend on proxy devices to do the dirty work of blocking.  There are two vendors I'm aware of that have the ability to block all protocols and not just proxiable ones:  Fidelis Security Systems and GTB Technologies.  However, in my opinion, each has its own deficiencies in other areas that may cancel out the blocking benefit.  There is no perfect DLP enforcement technology (and we'll discuss this in a later post also).

The bottom line is that, as much as you may like to, you will likely not be able to block everything that needs blocking.  However, if you choose a vendor with the right detection capabilities, it will go a long way toward being able to flip the switch and turn your data loss detection into true data loss prevention!
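To make the accuracy argument concrete, here is an added example (not code from DLP Experts or from any vendor's product) that runs a constructed set of outbound messages through a toy policy engine in detect-only (DLD) and block (DLP) mode, first with a naive "any 16 digits" rule and then with a checksum-validated one. The card-number pattern, the Luhn check and the sample messages are assumptions chosen for illustration.

```python
import re

# Constructed outbound messages (not from the original post). Only "invoice"
# carries a genuine card-number pattern (a well-known test number, not a real
# account); the tracking and reference numbers are 16 digits but fail Luhn.
MESSAGES = {
    "invoice":  "Charge card 4111 1111 1111 1111 for order 77.",
    "shipping": "Your tracking number is 1234567890123456, arriving Friday.",
    "ref":      "Reference 9999000011112222 confirmed for Monday.",
    "hr":       "Quarterly headcount report attached.",
}
SENSITIVE = {"invoice"}                      # ground truth for the sample above
DIGITS16 = re.compile(r"\b(?:\d[ -]?){15}\d\b")

def luhn_ok(s: str) -> bool:
    """Mod-10 checksum that real card numbers satisfy and random digit runs rarely do."""
    total = 0
    for i, d in enumerate(int(c) for c in reversed([c for c in s if c.isdigit()])):
        if i % 2 == 1:                       # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def naive_detector(text: str) -> bool:
    """Flags any 16-digit run: cheap, but fires on tracking and order numbers."""
    return DIGITS16.search(text) is not None

def validated_detector(text: str) -> bool:
    """Flags a 16-digit run only when it also passes the Luhn check."""
    return any(luhn_ok(m.group(0)) for m in DIGITS16.finditer(text))

def enforce(detector, mode: str) -> dict:
    """Run every message through the policy. 'detect' mode (DLD) only raises an
    alert; 'block' mode (DLP) stops delivery. Returns message name -> outcome."""
    outcome = {}
    for name, text in MESSAGES.items():
        hit = detector(text)
        if hit and mode == "block":
            outcome[name] = "blocked"
        elif hit:
            outcome[name] = "delivered+alert"
        else:
            outcome[name] = "delivered"
    return outcome

def business_impact(outcome: dict) -> int:
    """Legitimate messages that block mode stopped: the cost of flipping the switch."""
    return sum(1 for name, o in outcome.items() if o == "blocked" and name not in SENSITIVE)
```

With the naive rule, detect mode is harmless (everything is delivered, three alerts fire) but block mode stops two legitimate messages; the validated rule blocks only the real card number, which is what makes the switch from detection to prevention tolerable.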

Tuesday, Aug 31, 2010

DLP Myth #3: You can "buy" DLP

Many organizations considering data loss prevention focus on technology to address the need.  While you can "buy" DLP enforcement technologies, data loss prevention is more than a product.  Data loss prevention is a process and one step in that process is the purchase and deployment of technologies to enforce an organization's data protection strategy.

Some people think I'm splitting hairs with this thinking; however, after having seen dozens of good and bad DLP strategies, I'm convinced my argument is sound.

Since DLP is a process it's important not to get caught up only in the technology side.  For many companies, this is a real tendency because many DLP projects are handed off to IT to deal with as an IT problem.  The reality is that data loss prevention is a risk management and compliance problem that happens to utilize technology as a major method of policy enforcement.  

Because it's a process, it's important to complete each step.  Like the proverbial three-legged stool, to leave out one step can lead to serious negative consequences.

At DLP Experts, we promote a five-step process to our customers for a successful data loss prevention initiative:

  1. Assess.  Assess the current situation, identifying critical data and major concerns.
     – What data should be protected?
     – Where is the data located?
     – Who should have access to this data?
     – What are the major data leakage points?
  2. Create.  Create a comprehensive data protection plan and written data protection policy.
     – Use the data from the assessment as a guide.
     – Prioritize your critical data and start with a policy to protect that first, building out to other key data.
     – Your data protection plan is dynamic, and you can always update it in the coming months.
  3. Promote.  Promote the data protection plan and policy among all employees, contractors and vendors.
     – This is the single most important step in protecting critical data. Most data breaches are unintentional, so getting staff to be vigilant is key.
     – Get signed acknowledgement from employees that they understand the policy, and the consequences for failing to follow it!
     – Consider formal training.
  4. Enforce.  Implement technologies to enforce the data protection plan and policy.
     – Consider all existing technologies in your network. You likely have some elements of DLP in your arsenal: encryption and email content filtering are fairly common. Make use of them.
     – Configure enforcement technologies to mirror your new policies as closely as possible.
  5. Maintain.  Maintain and update plans and policies based on changing business needs.
     – Monitor enforcement technology reports.
     – Conduct regular extrusion testing.
     – Provide annual data protection training.

The next time someone in your organization says, "We need to buy DLP," make sure they read this! ;)