Data Loss Prevention (DLP) encompasses a suite of tools and procedures designed to prevent the loss, misuse, or unauthorized access of sensitive data, particularly by individuals outside the organization. This is also known as data leakage prevention.
DLP systems have the capability to scan unencrypted data for specific keywords and data patterns. For example, if your organization uses data classifications such as confidential, proprietary, private, and sensitive, a DLP system can scan files for these terms and detect them. This helps in identifying and securing sensitive information according to predefined policies, ensuring that data is handled appropriately and protected from unauthorized access or leakage.
Types of DLP
Network based DLP
A network based DLP scans all out going data looking for specific data. Administrators place it on the edge of the network to scan all data leaving the organization. By inspecting data packets for specific keywords, patterns, and content that match predefined policies, network-based DLP can identify potential data breaches or policy violations.
For example: if confidential or proprietary data is being sent via email or uploaded to an external website, the DLP system can block the transmission, alert security administrators, or log the event for further investigation. This type of DLP is crucial for safeguarding sensitive information as it travels across the network, ensuring that data remains secure and compliant with regulatory standards.
Endpoint based DLP
Endpoint-based DLP systems are designed to secure data that is actively being used, accessed, or stored on individual devices within an organization. These systems monitor and control data handling activities on endpoints to prevent unauthorized access, leakage, or misuse of sensitive information. An endpoint based DLP can scan files stored on a system as well as files sent to external devices, such as printers.
For example: An organization endpoint based DLP can prevent users from copying sensitive data to USB or sending sensitive data to printer.
Cloud DLP
Cloud Data Loss Prevention (DLP) refers to the set of tools and strategies designed to protect sensitive data stored in cloud environments, such as cloud storage services (e.g., AWS S3, Google Cloud Storage), Software-as-a-Service (SaaS) applications (e.g., Office 365, Salesforce), and Infrastructure-as-a-Service (IaaS) platforms (e.g., AWS EC2).
Views: 4
