Traditional
security solutions are focused on preventing external security threats
from reaching the network. In today’s security environment, this
is only half the story. Data breaches are now commonplace, exposing
an organization’s confidential and sensitive data – referred to
as digital assets – to outside unauthorized parties. A data breach
may occur as a result of internal employee mistakes or carelessness,
data outsourcing, stolen or misplaced computing devices, or malicious
attacks.
Data breaches can:
-
Damage brand reputation
-
Erode customer trust in the organization
-
Result in unnecessary costs to cover for remediation and
to pay fines for violating compliance regulations
-
Lead to lost business opportunities and revenue when intellectual
property is stolen
With the prevalence and damaging effects of data breaches, organizations
now see digital asset protection as a critical component of their
security infrastructure.
Data Loss Prevention
safeguards an organization’s sensitive data against accidental or
deliberate leakage. Data Loss Prevention allows you to:
-
Identify the sensitive information that requires protection
using data identifiers
-
Create policies that limit or prevent the transmission of
digital assets through common transmission channels, such as email
and external devices
-
Enforce compliance to established privacy standards
Before you can monitor sensitive information for potential loss,
you must be able to answer the following questions:
-
What data needs protection from unauthorized users?
-
Where does the sensitive data reside?
-
How is the sensitive data transmitted?
-
What users are authorized to access or transmit the sensitive
data?
-
What action should be taken if a security violation occurs?
This important audit typically involves multiple departments
and personnel familiar with the sensitive information in your organization.
If you already defined your sensitive information and security
policies, you can begin to define data identifiers and company policies.
