What is Data Loss Prevention (DLP)? A Definition of Data Loss Prevention



Learn more about data loss prevention software in Data Protection 101, our series covering the fundamentals of data security.

A Definition of Data Loss Prevention (DLP)

Data loss prevention (DLP) is the strategy used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users. Generally, DLP software products classify and protect confidential and critical information to prevent end users from accidentally or maliciously sharing data that could put the organization at risk. Data loss prevention software and tools monitor and control endpoint activities, plus filter data streams on corporate networks and protect data as it moves.

Driving Forces Behind Adopting Data Loss Prevention Software

Insider threats and tightened state privacy laws that include strict data protection and access control requirements are two factors that have led to increased DLP adoption. As employees, partners, and contractors create, manipulate, and share data, they work on and off the network, on corporate and personal devices, and in the cloud. Potential insider threats loom behind every click, and the corporate network and sensitive data are at risk.

Email is an especially important consideration of data loss prevention strategy because so much sensitive data and information is shared through email today. Business-critical communication also relies on email, which poses a threat to organizations if employees fail to follow corporate policies for handling sensitive/confidential data. Organizations need to be sure they are adopting DLP software and tools that can secure corporate email communications without hindering worker productivity.

Insider Threats (And the Need for DLP) Are On the Rise

BusinessNewsDaily recently reported on a Raytheon study that shows employees put company’s confidential data at risk frequently. The types of sensitive data these employees access ranges from financial and healthcare records to private company information, intellectual property, trade secrets, and personally identifiable information (PII).

The study also found that many employees are granted higher access privileges than needed for their specific roles and responsibilities, creating unnecessary opportunities for data to be misused or stolen. Additionally, “65 percent of the professionals surveyed for the study said it’s curiosity, not job necessity, that’s driving these same individuals to access sensitive or confidential data.” This is exactly the reason for DLP solutions; if users only have the access they need, insider threats are greatly diminished.

Other key findings from the data loss prevention study include:

  • Nearly 50 percent of those surveyed said it’s likely malicious insiders would use social engineering or other measures to obtain someone’s access rights
  • 60 percent said their security tools don’t provide enough contextual information to determine the intent behind reported incidents
  • 59 percent said their tools yield too many false positives
  • 59 percent said failure to implement controls for sensitive data access poses the greatest threat to general business information, followed by customer information at 49 percent
  • 88 percent of those surveyed recognize enhanced security as a top priority, but less than half of those have a dedicated budget to invest in data loss prevention technologies to reduce insider threats

Raytheon’s study does an excellent job of detailing the need for data loss prevention solutions capable of protecting against the traditional definition of insider threats, but the very concept of an “insider” has changed dramatically over the years. While insiders once only included a group of employees confined to the corporate network perimeter, modern business practices have greatly expanded what should be considered an insider. Contractors, suppliers, partners, and other business counterparties are often given access to corporate networks and sensitive data. In addition to counterparties being granted insider access, malicious hackers and cyber criminals can use stolen credentials to masquerade as insiders and gain all of the access privileges held by those insiders. As a result, the most effective data loss prevention solutions must be data-centric; capable of protecting data wherever it travels rather than protecting specific networks, applications, or users.

Given the extent of the insider threat today, it becomes clear that too many companies and organizations are not prepared to combat insider threats with data loss prevention. Even those that have DLP software solutions are not maximizing their potential or getting the most out of their investments. It is time for companies and their DLP providers to work together to combat the risks and financial loss associated with sensitive data loss.

Nate Lord

ANALYST REPORTS

Gartner 2017 Magic Quadrant for Enterprise Data Loss Prevention (DLP)