Malware Bytes

Data Loss Prevention (DLP)

Data Loss Prevention (DLP) is the practice of detecting and preventing data breaches, exfiltration, or unwanted destruction of sensitive data. Organizations use DLP to protect and secure their data and comply with regulations. x.

The DLP term refers to defending organizations against both data loss and data leakage prevention. Data loss refers to an event in which important data is lost to the enterprise, such as in a ransomware attack. Data loss prevention focuses on preventing illicit transfer of data outside organizational boundaries.accounts.

Organizations typically use DLP to:

  • Protect Personally Identifiable Information (PII) and comply with relevant regulations
  • Protect Intellectual Property critical for the organization
  • Achieve data visibility in large organizations
  • Secure mobile workforce and enforce security in Bring Your Own Device (BYOD) environments
  • Secure data on remote cloud systems

How does data loss prevention work?

DLP software monitors, detects and blocks sensitive data from leaving an organization. That means monitoring both data entering the corporate networks, as well as data attempting to exit the network.

Most DLP software products focus on blocking actions. For example, if an employee tried to forward a business email against company policy outside the corporate domain or upload a corporate file to a consumer cloud storage service such as Dropbox, permission would be denied.

Also, DLP software can block employee computers from reading and writing to USB thumb drives to prevent unauthorized copying.

Detection primarily centers on monitoring incoming email, looking for suspicious attachments and hyperlinks for phishing attacks. Most DLP software offers organizations the option of flagging inconsistent content for staff to manually examine or block it outright.

What are the types of data loss prevention?

Network DLP covers a range of data security techniques. These include the following:

Data identification. DLP is only useful if it is told what is and is not sensitive. Businesses should use an automated data discovery and classification tool to ensure reliable and accurate identification and categorization of data rather than leaving it to humans to decide.

Protecting data in motion. Data is moved around quite a bit internally, and external breaches often rely on this to reroute the data. DLP software can help ensure that data in motion is not routed someplace it should not go.

Protecting data at rest. This technique secures data when it is not moving, such as residing in databases, other apps, cloud repositories, computers, mobile devices and other means of storage.

Endpoint DLP. This type of DLP functionality protects data at the endpoint device level - not just computers, but mobile phones and tablets as well. It can block data from being copied or encrypt all data as it is transferred.

Data leak detection. This technique involves setting a baseline of normal activity, then actively looking for unusual behavior.

Cloud DLP. DLP solutions have evolved to manage and protect critical data in software-as-a-service and infrastructure-as-a-service applications.