ADVERTISEMENT

Are Data Loss Prevention systems a viable leak prevention strategy?

Data loss prevention
David Balaban
David Balaban Security Researcher
Jan 21, 2022 Updated: 21 January 2022 5 min read

DLP evolution stages

  • Intentional leaks – malicious actions of insiders.
  • Unintentional leaks – these stem from staff members’ slip-ups. When a DLP is being deployed, employees learn and understand how to handle information, which reduces risks for the company.
  • Compliance – ensuring that security standards are met when dealing with sensitive data.
  • Protection against external threats – ransomware is a prime example of such peril; moreover, cyber extortionists are increasingly stealing data in addition to encrypting it.

Recent impactful data breaches

  • Uber: the names, addresses, and phone numbers of 50 million customers and 7 million drivers were stolen and published on publicly available resources.
  • Facebook: personal data of a whopping 533 million users ended up on a hacking forum.
  • Marriott hotel chain: more than 5 million customer databases were stolen.

How feasible is leak prevention in general?

  • Information security – controlling all events and transactions that involve sensitive data.
  • Economic security – investigating specific incidents.
  • Human resources security – DLP systems can draw conclusions by analyzing the actions of an employee.

Who is responsible for managing a DLP system?

DLP deployment peculiarities

  • Agents: network agents (servers, gateways) and host agents.
  • Cloud services.
ADVERTISEMENT

New DLP features in 2021

  • Aggregating passwords for accessing corporate resources (a weak password is a serious vulnerability).
  • Web isolation technology that applies to users exhibiting suspicious activity.
  • Cloud Access Security Broker (CASB) functionality.
  • Building a unified DLP system of geographically distributed installations.
  • Staff control – supervising user productivity.
  • Screen capture protection technology.
  • User reputation filters.
  • Automatic detection of graphical “fingerprints” (CEO’s signature, company seal, etc.).

How to choose a DLP system?

  • Channels – the communication channels that need to be secured.
  • Deployment and distribution – the complexity of implementing the solution.
  • Pre-configured templates – sets of available policies, rules, and scripts.
  • Availability of a classifier.
  • Interaction with the vendor (dialogue, support, training, etc.)
  • Fault tolerance, resources, and performance – hardware and software requirements, how the system handles a functional load.
  • Automation of self-support and follow-up tasks.
  • Pilot project – before making up your mind, implement a trial version of the tool, play around with its features, and generally immerse yourself in the product as much as possible.

FAQs

Summary

ADVERTISEMENT