Data Loss Prevention Best Practices
Our businesses use an ever-increasing amount of data in their day-to-day operations. We use, collect, and share data for everything from accounting to marketing and customer communications. This data then flows in and out of our organisations to remote workers, partners, customers, and more. What’s more, much of the data we hold is extremely valuable (intellectual property, for example), regulated, or highly sensitive, such as personally identifiable information, which must be protected by law. This is where Data Loss Prevention best practices come into play.
What is Data Loss Prevention (DLP)?
Data Loss Prevention (DLP) as a concept is a set of policies, practices and solutions that aim to prevent sensitive information from being lost, misused or accessed by unauthorised users. DLP strategies not only aim to protect against external threats but internal risks such as human error and accidental deletion of data.
DLP software uses rules to find and classify data so that levels of risk can be established. It is then possible to put extra layers of protection in place where needed. Moreover, DLP technologies can automatically detect anomalous behaviour, identify violations of policy, and trigger responses such as alerts and encryption.
Why Do You Need a DLP Solution?
With data breaches hitting the headlines on an almost daily basis, we are only too aware of the costs. When a data breach hits, it is not only financially damaging; it can also have a major reputational impact.
We must safeguard our data not only as it is a legal requirement, but to ensure it doesn’t end up in the wrong hands. A wave of strict data protection regulations worldwide, such as the EU’s General Data Protection Regulation (GDPR) and Australia’s Notifiable Data Breaches Scheme, have made businesses even more accountable for the data they collect and process, with significant fines for non-compliance. However, keeping track of such a huge volume of data and gaining visibility can be a significant challenge, especially when multiple platforms, applications, and services are used simultaneously on many devices. This is where DLP solutions come into play.
DLP Best Practices You Should be Using
DLP solutions form a major part of an organisation’s data protection strategy. They use technology to identify, monitor and analyse the storage and movement of data. However, technology is only one component of an effective DLP strategy. Some of the best practices every company should be using include:
Implementing a Centralised DLP Program
While most organisations realise the importance of DLP, it is often implemented in an ad-hoc fashion with various departments and teams doing their own things. When this happens, it is almost impossible to gain a holistic view of the organisation’s data assets, and a lack of visibility inevitably leads to weak data security. Organisations should implement a centralised DLP program to ensure that it is relevant to the whole business and its employees.
Conducting an Inventory Assessment
Before an organisation can protect its sensitive data, it needs to know what data it owns, where it is, and how it is stored. Data that is shared directly with customers or moves in and out of endpoints will be higher risk than data which resides in one secured area. Firstly, organisations need to evaluate the types of data they hold and the relevant value to the business. They then need to classify the data to determine whether it is sensitive, such as confidential information or intellectual property. Finally, they need to determine the level of risk and cost associated with the data, should it be compromised. Every industry’s regulatory code will be a good starting place for designating and classifying its information.
Establishing Data Handling and Remediation Policies
Once data has been classified accordingly, businesses should determine what users are permitted to do with it. This will include:
- preventing unauthorised personnel from viewing or modifying data,
- protecting data when it is stored, in transit or in use, and
- separating personal and corporate data.
Policies may dictate blocking sensitive data from being transferred via unsecured channels, limiting how sensitive data can be sent via email, and deleting or encrypting sensitive data found on unauthorised computers. Government regulations, such as HIPAA or GDPR, already prescribe how certain categories of data must be handled. Policies and pre-configured rules should be enforced across the organisation, including a remote working policy backed by DLP tools that work outside of the company network.
Setting Various Levels of Authorisation
Not only can sensitive data be stolen, but it can be accidentally overwritten or deleted by employees. Access management is vital to ensure that only authorised people have access to data within an organisation. Access to sensitive data should be limited to those who genuinely need to use it, depending on their roles and responsibilities. Authorisation should also be implemented based on devices, for example by blocking USB and other peripheral devices or by enforcing encryption. DLP tools should enable organisations to set up different levels of authorisation based on users, devices, groups, or departments.
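To make the three ideas above concrete (rule-based discovery and classification of sensitive data, handling policies per channel, and authorisation that depends on the user's role and whether the device is managed), here is an added example in Python. It is not InfoTrust's, Netskope's or any DLP product's code; the detection rules, the sensitivity levels, the role names `finance` and `compliance`, the channel names and the sample messages are all constructed for illustration. The credit-card rule applies a Luhn checksum so that a random run of digits does not raise an alert, and the policy blocks anything non-public from leaving via an unmanaged device.

```python
import re
from dataclasses import dataclass
from enum import IntEnum


class Sensitivity(IntEnum):
    """Classification levels, ordered so max() selects the most sensitive."""
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2
    RESTRICTED = 3


@dataclass(frozen=True)
class Finding:
    rule: str
    evidence: str  # redacted excerpt that is safe to write to an alert


# Detection rules (hypothetical, constructed for this example).
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")          # 13-19 digits, optional separators
EMAIL_RE = re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b")
MARKER_RE = re.compile(r"\b(confidential|internal only)\b", re.IGNORECASE)


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: filters out most random digit runs before alerting."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def classify(text: str) -> tuple[Sensitivity, list[Finding]]:
    """Run every rule over the content; the highest-ranked hit decides the level."""
    level = Sensitivity.PUBLIC
    findings: list[Finding] = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            findings.append(Finding("credit_card", "****" + digits[-4:]))
            level = max(level, Sensitivity.RESTRICTED)
    for m in EMAIL_RE.finditer(text):
        findings.append(Finding("email_address", "*@" + m.group().split("@", 1)[1]))
        level = max(level, Sensitivity.CONFIDENTIAL)
    for m in MARKER_RE.finditer(text):
        marker = m.group(1).lower()
        findings.append(Finding("marker", marker))
        level = max(level, Sensitivity.CONFIDENTIAL if marker == "confidential"
                    else Sensitivity.INTERNAL)
    return level, findings


# Handling policy (hypothetical channel and role names).
CHANNELS = {"internal_share", "internal_email", "external_email", "usb"}
RESTRICTED_ROLES = {"finance", "compliance"}


@dataclass(frozen=True)
class Context:
    role: str            # who is moving the data
    managed_device: bool  # is the endpoint under corporate management?
    channel: str         # where the data is going


def decide(level: Sensitivity, ctx: Context) -> str:
    """Return the DLP action for this content and context: allow, encrypt or block."""
    if ctx.channel not in CHANNELS:
        raise ValueError(f"unknown channel {ctx.channel!r}")
    if level == Sensitivity.PUBLIC:
        return "allow"
    if not ctx.managed_device:
        return "block"  # non-public data never leaves via an unmanaged endpoint
    if ctx.channel == "usb":
        # Removable media: internal data only with enforced encryption, else blocked.
        return "encrypt" if level == Sensitivity.INTERNAL else "block"
    if level == Sensitivity.RESTRICTED:
        # Only designated roles may move it, never by external email, and always encrypted.
        if ctx.role not in RESTRICTED_ROLES or ctx.channel == "external_email":
            return "block"
        return "encrypt"
    if level == Sensitivity.CONFIDENTIAL:
        return "encrypt" if ctx.channel == "external_email" else "allow"
    return "block" if ctx.channel == "external_email" else "allow"  # INTERNAL


def evaluate(text: str, ctx: Context) -> tuple[Sensitivity, str, list[Finding]]:
    """Classify the content, then apply the handling policy for the given context."""
    level, findings = classify(text)
    return level, decide(level, ctx), findings


if __name__ == "__main__":
    # Constructed sample message; 4111 1111 1111 1111 is a well-known Luhn-valid test number.
    msg = "Please process card 4111 1111 1111 1111 for customer jane@example.com"
    for ctx in (Context("finance", True, "internal_share"),
                Context("marketing", True, "internal_share"),
                Context("finance", False, "internal_share")):
        level, action, findings = evaluate(msg, ctx)
        print(f"{ctx.role:10} managed={ctx.managed_device!s:5} {ctx.channel:15} "
              f"-> {level.name:12} {action:7} {[f.evidence for f in findings]}")
```

The alert record carries only redacted evidence (last four digits, mail domain), so the DLP log does not itself become a store of the sensitive values it was meant to protect. In a real deployment the rule set would be extended with the regulated identifiers relevant to the organisation and tuned against its own data.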
Investing in Educating Employees
Employee awareness and education should form a vital part of a successful DLP program. This should include the likes of classes, online training, and emails to not only educate but to continually reinforce the message. With a regular training program in place, employees will have a better understanding of the importance of data security and the role that they play in that. Training can also be designed to address any blind spots in employees’ data security practices with real-life examples. And, in some instances, penalties for breaching data security can also be used to improve compliance.
How to Improve Your DLP Program
Having the right technology, tools, and processes in place is vital to your DLP program delivering on its promises. You need visibility of the types of data your organisation holds, and its movement across your business in order to create a well-planned strategy and deploy it successfully.
InfoTrust has teamed up with cloud security partner, Netskope to help businesses with this problem. InfoTrust and Netskope are offering a free, complimentary workshop to show organisations how they can gain greater visibility of their data, assets and applications in order to protect them more effectively.
Contact InfoTrust today to find out more and set up a cloud risk workshop.