Data Loss Prevention (DLP) is software that monitors traffic and prevents sensitive data from leaving your network. Sensitive data could be something as simple as social security numbers or be something as complex as business documents or data that contain proprietary trade secrets.
How is DLP used?
The most common location for DLP software is embedded in an edge device, such as a firewall or spam filter. These devices scan outgoing traffic to ensure that sensitive data does not get transmitted out of the network. DLP is typically set to monitor emails, instant messages, file transmission, and cloud-based file storage solutions and stop transmission when it detects sensitive data. It can also be set up to allow certain individuals or groups to be able to bypass DLP filters. These exclusions are usually coupled with technologies like email encryption to prevent unauthorized parties from accessing the contents without decryption.
Additionally, DLP software is available for an endpoint like a workstation or server. This software can provide access control restrictions at the workstation level and prevent sensitive data from ever ending up on a workstation or removable media. Some software can even be deployed against a specific cloud solution to provide protection in the cloud. Additionally, many mobile device management utilities have DLP solutions available that work within the device management platform.
What industries is DLP used in?
The need for DLP software varies from industry to industry and really depends on the data regulations that your business must follow. Data Loss Prevention software is most common in healthcare and finance industries. Email DLP can greatly enhance your information security and may even help HIPAA Compliance. If you have any confidential or protected information, you should consider adding a DLP software solution to your environment.
If you have any questions about Data Loss Prevention or anything else related to IT, call your on-demand IT partner, SandStorm IT, at (901) 475-0275.