Guest Column | November 4, 2015

5 Reasons Data Loss Prevention (DLP) Should Be A Part Of Your IT Security Toolkit

By Farokh Karani, Director, North America – Sales & Channels, Quick Heal Technologies

SMB Mobile Security

Over the last couple years, security breaches have rocked the business landscape. Sensitive data — from high-profile retailers and financial institutions to lesser known mom-and-pop shops — fell into the hands of global thieves and hackers, affecting millions of consumers and company employees. Indeed, it has been a challenging time for data privacy and security, and the massive thefts served as a wake-up call for organizations around the world.

Unfortunately, the problem isn’t going away. With the dramatic increase in data volume comes the associated rise in opportunities for theft — and accidental disclosure — of sensitive information. While the amount of electronic data in the world was thought to double every four years, research firm IDC says it actually does so after every two years. The firm says by 2020, the digital universe — the data we collectively create annually — will reach 44 zettabytes, or 44 trillion gigabytes. Add in recent increases in the portability of data and employee mobility and the danger is even more acute. As such, it’s clear to see why Gartner assigns data loss prevention (DLP) as the fastest growing security segment, with an annual growth rate of 18.9 percent through 2018.

The damage to a company from a data breach can be catastrophic, ranging from loss of intellectual property, to drops in sales and market share and a potentially fatal blow to an organization’s reputation. In addition, expensive lawsuits and costly penalties for failing to comply with strict data protection regulations are also on the rise. Industry analysts, however, have struggled to put a number on the actual cost of data loss, with estimates ranging (wildly) from $0.58 to $201 per record.

Regardless of the exact costs, with all the gloom and doom, what can organizations do to protect themselves, their customers and their stakeholders? Here are five things you need to know about DLP:

  1. Know what’s at risk: When attempting to solve the problem of potential data loss, it’s important to first understand what exactly is at risk. For any business, the data threat generally falls into three primary categories: intellectual property (e.g., product designs, source code, process documentation, etc.), enterprise information (strategic plans, financial reports, employee data, etc.) and customer information (payment card numbers, individual details, banking information, etc.). Obviously, such information falling into the wrong hands would be disastrous for any business. But you can start by getting your arms around it — inventorying, categorizing, and prioritizing.
  2. Understand how data breaches happen: Here too, it’s helpful to assign categories to potential data loss culprits: employees (or other insiders) who accidentally lose data, employees who deliberately leak data and external attackers who target your client or specific data silos. While malicious, international hackers and saboteurs get the headlines, much more common (and preventable) breaches occur though the actions of careless or distracted employees who manage or interact with confidential information. A misplaced smartphone with no password or tracking ability, a dropped unencrypted USB drive or a simple click on a fraudulent link on an unprotected PC/Laptop are a few simple examples of how data can be leaked accidentally.
  3. Start with your client’s employees: Since employees are often the root cause of data leakage, rigorous information management safety training is a great, easy-to-implement first step towards preventing data loss. Of course, such training should be tied to set policies and procedures that dictate who has access to what information, and clear instructions and rules on how it should be handled. Policy enforcement and scope depends on the nature of the data, the size and distribution of the company enterprise, and the degree of risk associated to the internal and external threats.
  4. Know the different types of DLP software: Companies need to understand and consider DLP software that provides one or more of the following coverages:
    • Network-Based DLP is installed at the perimeter of business networks; it analyzes network traffic to pinpoint critical data that flows out of the company internal network to the internet. If predefined information disclosure policies are violated, the source of such leakage is flagged. The advantage of this approach is that it is centrally managed and policy driven. The disadvantage is that it cannot prevent data loss at the PC/endpoint, for example via USB drives.
    • Endpoint-Based DLP monitors individual endpoints and devices, such as desktops, laptops, smartphones, and tablets to discover and prevent data leakage. Activities such as outgoing emails and print commands can be reviewed for discrepancies. The advantage with this approach is that it is centrally managed and policy driven, and prevents data loss at the PC/endpoint level, even if the data is never sent via the Internet/email. The disadvantage is that it must be deployed on all corporate PCs and laptops to ensure maximum protection of corporate data.
    • Storage-Based DLP protects the storage location of confidential data. Unsafe storage is often caused by improper data retention policies, so these solutions can do far more than just protect critical data from leaking.
    • All of the above approaches need to incorporate Content-Aware DLP, which enforces company policies based on the content and classification of crucial data. If a predefined keyword or file type is detected to be leaving the organization, a flag is raised, allowing a business enterprise to prevent accidental or deliberate leakage of data.
  5. Select the proper solution: Just like with other software products, there are various types of DLP tools that can be used in this fight. As such, finding the right fit for a specific business organization is the key to success. The right DLP software solution will help implement and regulate a company’s information security policies. In addition, it should eliminate the threat of security leakage through rogue apps and malicious software, scan installed programs and devices for security holes or blind spots, and prevent targeted attacks through malware or other malicious techniques.

Because the risk, repercussions and penalties of data loss are just too great in the times we live in today, it’s clear that a DLP solution should be an integral part of any company’s program to protect and manage its most valuable and confidential information.

Farokh Karani is Director, North American Sales & Channels, for Quick Heal Technologies, a leading global provider of IT security solutions. Quick Heal’s SEQRITE data security product line is specifically targeted at small to midsize enterprises and is sold in North America exclusively through channel partners.