Data loss prevention (DLP) is a class of technology that aims to help organisations with many of the problems that they have regarding unauthorised access to data, data loss or theft, and any situation where data can be manipulated, whether inadvertently or not. Since data is now considered to be one of the most important assets of many organisations, data protection and DLP have risen to be of paramount importance for all, whatever the size of the organisation or the industry in which it works. DLP is a key part of any technology arsenal for ensuring that sensitive and critical information remains secure.
DLP works by monitoring data flows to detect and block sensitive data when it is in use, in motion as network traffic or at rest in storage. By keeping track of all sensitive data, organisations will be much more likely to detect and prevent data breaches or exfiltration of data.
Recent research from the Ponemon Institute shows that insiders in an organisation are the greatest culprits when it comes to data loss, with 40% of data loss incidents caused by employee negligence in not following the dictates of policies and 27% caused by insiders acting maliciously. Emails are the greatest cause of data loss, with 60% of organisations experiencing data loss or exfiltration caused by an employee making a mistake over email and almost a quarter seeing up to 30 such incidents per month. The consequences can be far-reaching, with 57% stating that this caused them to be in non-compliance with data protection regulations and 52% suffering damage to their reputations, which can lead to revenue loss as customers take their business elsewhere.
The benefits of DLP
Deploying DLP will go a long way towards helping to solve such issues. According to Censornet, there are three main use cases for DLP that will resonate with any organisation. The first is for achieving regulatory compliance with data protection requirements that are becoming more onerous in locations around the world and that often have a far-reaching purview. Sanctions for non-compliance can hit hard.
Second is data security. DLP can help organisations to protect their confidential information from threats caused by insiders, such as sharing sensitive data inappropriately via email or online file-sharing sites. Thirdly, DLP can help with protecting information against accidental deletion or modification and can ensure that all data remains secure and can only be accessed by those who are authorised to do so.
Whilst regulations are getting more onerous and insider threats are not abating, these are not the only reasons why interest in DLP is surging. Organisations have been turning to cloud services in greater numbers since the pandemic began in order to make access to corporate resources and other services easier, especially for those working remotely. In many cases, those remote workers could be using a non-sanctioned device to access resources, including smartphones and tablets that may not have adequate security protections, making it even more important that security and data protection are taken seriously. DLP will ensure that only authorised personnel can access sensitive resources to prevent accidental data loss, malicious attacks and other security threats.
Data volumes are also growing rapidly, which makes protecting data a more onerous problem without the right tools in place. With DLP, organisations are better placed to make decisions regarding what their more critical and sensitive data is and where it resides in order to put in place adequate levels of protection.
Integration is key
DLP works best when integrated with other technology and security tools that include email, web and cloud application services. Each of these services should ideally work on their own to allow organisations to focus on scanning emails and their attachments as they leave and enter the organisation, and any files that traverse cloud applications through a cloud access security broker (CASB) or via the web. However, overlaying DLP on top of these technologies will mean that a single policy engine will ensure that policies are consistently applied across all controls implemented in order to provide not only consistency, but better visibility, reporting and control over all data, files and applications. This is best done through one cloud security platform that provides one, consistent point of enforcement.
Combining the DLP implementation with the use of a CASB reduces the risk of data loss by enforcing policies that prevent users taking unintentional or malicious actions that could put important data at risk such as through use of file-sharing sites or unwanted downloads, and by only allowing authorised users to take sanctioned actions. The CASB should interface with important cloud-based applications such as Microsoft 365 and Dropbox in order to protect data wherever it resides. It will show where data is being used inappropriately and will ensure that only those that need them are granted privileged entitlements, and only as and when they are needed.
Identity checks that are combined with multifactor authentication will beef security up further, requiring the use of stronger authentication for accessing sensitive information according to context. This will help to prevent social engineering attacks such as phishing that look to compromise networks by stealing user credentials.
Censornet’s new DLP offering
Censornet’s new DLP service is designed as part of its autonomous, integrated cloud platform. It will especially appeal to midmarket organisations, giving them a one-stop access to all of the data protection controls that they need to negate insider threats, keep hackers at bay and ensure that all data is adequately protected. It will provide smaller organisations with access to controls that were for too long the preserve of their larger counterparts.