[BreachExchange] Understanding the Five Primary Types of Data Loss Prevention Solutions
Audrey McNeil
audrey at riskbasedsecurity.com
Thu Jan 5 18:55:59 EST 2017
http://wwpi.com/2017/01/05/understanding-the-five-
primary-types-of-data-loss-prevention-solutions/
Unexpected data loss, either to insiders or hackers, continues to be a big
threat these days. While in recent years, news of data breaches has
centered around B2C businesses (e.g. retail stores, banks) and customer
data, currently, the topic has even expanded into the political realm.
With the onslaught in high-profile breaches, the limitations and
vulnerabilities of traditional security have been brought to light. In
response, corporate IT executives proactively examine their own security
strategies and methods for data protection. While the actual costs of data
loss are hard to pin down – industry analysts estimate these to be anywhere
from $0.58 to $201 per record – the market for data loss prevention (DLP),
continues to grow. 451 Research predicts that by 2019, the DLP market will
reach $1.7 billion, while Markets and Markets estimates total DLP revenue
will expand from $0.96 billion in 2015 to $2.64 billion by 2020; a robust
compound annual growth rate (CAGR) of 22.3% — among the fastest growing IT
security segments.
Most company attempts to mitigate data loss can (and should) start with an
internal assessment of their own data and the programs in place to protect
this. Such an inventory should include understanding the most critical data
at risk (e.g. intellectual property, enterprise information and customer
data); understanding how data breaches can occur (e.g. accidental leaks vs.
malicious internal or external threats); and informing and training
employees on policies and procedures to safeguard sensitive company data.
Finally, when it comes to considering a DLP system, companies need to
clearly understand the five primary types of available DLP solutions:
Endpoint-Based DLP monitors myriad devices (e.g. desktops, laptops,
smartphones, tablets, etc.) to discover and prevent data leakage. Here, for
example, outgoing emails or print commands can be scrutinized for procedure
violations or discrepancies. Centrally managed and policy driven, this
method prevents data loss at the endpoint. However, to be effective, it
must be deployed on all corporate devices to ensure comprehensive data
protection.
Network-Based DLP, installed at the perimeter of corporate networks,
analyzes traffic to discover suspicious outgoing data. If data disclosure
policies appear to be violated, the leak source is determined. This
approach is also centrally managed and policy driven but cannot prevent
data loss at the endpoint, such as through mobile storage devices (e.g. USB
drives).
Storage-Based DLP defends the storage of sensitive data. As storage risk is
often due to insufficient data retention policies, these solutions can do
far more than just protect critical data from leaking.
Content-Aware DLP should be a key aspect of any security solution, as it
monitors and enforces security policies based on the content and
classification of sensitive data. Here, an alert is provided if a
predefined keyword or file type is detected to be leaving the organization,
which is effective in mitigating accidental or deliberate data leaks.
Basic DLP Tools mitigate security leaks caused by rogue apps and malicious
software. These tools scan installed programs and devices for security
holes or blind spots, preventing attacks that come in via malware or other
methods.
While understanding the primary DLP solution types is a start, determining
the right approach and solution will vary based on a particular
organization’s data, risk and threats. In any case, it’s clear that DLP
should be an integral part of a company’s proactive program to manage and
protect its most valuable and confidential information. The risk and
consequences of data loss are just too great in the times we live in
today.Unexpected data loss, either to insiders or hackers, continues to be
a big threat these days. While in recent years, news of data breaches has
centered around B2C businesses (e.g. retail stores, banks) and customer
data, currently, the topic has even expanded into the political realm.
With the onslaught in high-profile breaches, the limitations and
vulnerabilities of traditional security have been brought to light. In
response, corporate IT executives proactively examine their own security
strategies and methods for data protection. While the actual costs of data
loss are hard to pin down – industry analysts estimate these to be anywhere
from $0.58 to $201 per record – the market for data loss prevention (DLP),
continues to grow. 451 Research predicts that by 2019, the DLP market will
reach $1.7 billion, while Markets and Markets estimates total DLP revenue
will expand from $0.96 billion in 2015 to $2.64 billion by 2020; a robust
compound annual growth rate (CAGR) of 22.3% — among the fastest growing IT
security segments.
Most company attempts to mitigate data loss can (and should) start with an
internal assessment of their own data and the programs in place to protect
this. Such an inventory should include understanding the most critical data
at risk (e.g. intellectual property, enterprise information and customer
data); understanding how data breaches can occur (e.g. accidental leaks vs.
malicious internal or external threats); and informing and training
employees on policies and procedures to safeguard sensitive company data.
Finally, when it comes to considering a DLP system, companies need to
clearly understand the five primary types of available DLP solutions:
Endpoint-Based DLP monitors myriad devices (e.g. desktops, laptops,
smartphones, tablets, etc.) to discover and prevent data leakage. Here, for
example, outgoing emails or print commands can be scrutinized for procedure
violations or discrepancies. Centrally managed and policy driven, this
method prevents data loss at the endpoint. However, to be effective, it
must be deployed on all corporate devices to ensure comprehensive data
protection.
Network-Based DLP, installed at the perimeter of corporate networks,
analyzes traffic to discover suspicious outgoing data. If data disclosure
policies appear to be violated, the leak source is determined. This
approach is also centrally managed and policy driven but cannot prevent
data loss at the endpoint, such as through mobile storage devices (e.g. USB
drives).
Storage-Based DLP defends the storage of sensitive data. As storage risk is
often due to insufficient data retention policies, these solutions can do
far more than just protect critical data from leaking.
Content-Aware DLP should be a key aspect of any security solution, as it
monitors and enforces security policies based on the content and
classification of sensitive data. Here, an alert is provided if a
predefined keyword or file type is detected to be leaving the organization,
which is effective in mitigating accidental or deliberate data leaks.
Basic DLP Tools mitigate security leaks caused by rogue apps and malicious
software. These tools scan installed programs and devices for security
holes or blind spots, preventing attacks that come in via malware or other
methods.
While understanding the primary DLP solution types is a start, determining
the right approach and solution will vary based on a particular
organization’s data, risk and threats. In any case, it’s clear that DLP
should be an integral part of a company’s proactive program to manage and
protect its most valuable and confidential information. The risk and
consequences of data loss are just too great in the times we live in today.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170105/02432ace/attachment.html>
More information about the BreachExchange
mailing list