Cloud Computing Disaster Recovery

Quest Technology Management

Helping clients manage their technology for over 30 years.

Strategy First

DLP is a powerful security tool. So powerful that it’s tempting to try a broad, pervasive implementation. But this can backfire into a flood of false alerts — unless you first think through your DLP strategy. At its most fundamental, forming a DLP strategy involves a five-part process:

  1. Decide/define what data you need to protect and how
  2. Understand your organization’s business workflow, including how it uses sensitive data and where your network infrastructure is susceptible to data leakage; while you do this, remember that those with access to data are most often the ones responsible for its loss
  3. Develop a security policy that establishes organization-wide standards and procedures for data ownership and usage — and includes the means to enforce those policies
  4. Seek out a DLP service provider who makes it easy for you to deploy DLP in cost-effective phases, at your own pace
  5. Forge an implementation plan that nails down specifics concerning your network, endpoints, discovery requirements, and so on. Aim initially for basic DLP capabilities, usually focused on (select one) network, endpoint, or storage (discovery) requirements — and just a single policy (to avoid being overwhelmed with alerts). Once one capability is deployed and optimized, you can tackle the next one with confidence and efficiency. DLP can be a powerful security tool — but it is not a box solution. To be effective, DLP must be deployed in the context of well-considered security policy and a willingness to assess and rank corporate data, apply user-privilege and access controls, routinely audit policy and data flows, and train employees about acceptable use. A trusted security services advisor can help you map your objectives to what’s possible with DLP and guide you through a successful DLP strategy, planning, and deployment process.