Fight against data leaks can be expensive when one considers implement a complete Enterprise DLP solution. Excluding these days, everyone needs to protect its activities and those assets. This E-DLP solution usually helps fight against data leakage on several plane inspecting several channels; web, mail, IM, FTP, etc. In addition, these solutions work in several stages: data discovery, classification and protection.
Using some technical tools and a little planning, it is possible to fight effectively against data theft.
One recurring problem is the classification of data. Indeed, the importance of data changes over time and can now be found at many location in your computer network. This is a step that requires great organization and the maturity of the company. The approaches of protection "Lite" against data leaks are completely ignored this part.
Some (non-exhaustive) can limit or at least complicate the flight data in the enterprise which generally discourages more than one attacker and limit the data leakage risks inadvertently:
The device control allows to set up a blocking security policy USB sticks and external drives on user workstations. It is common to implement a strict policy and allow only devices provided by the company. These solutions also enable to encrypt data stored on removable devices, it would be a shame to pass these strong capabilities useful in case of theft or loss of devices.
It can happen to a VIP losing or being robbed his laptop during a business trip. Often this leads to data leakage that can have serious consequences for the company. These incidents are preventable by using disk encryption. Many publishers of endpoint solutions offers this feature. These functions are also important to protect file servers discs. Encrypting files and folders is designed to promote a data protection more granular so that the disk encryption. However, these technologies can be combined to ensure a level of encryption on multiple layers and complexity actions attackers.
With or without these solutions, some organizational points must be taken into account. In fact, theoretically, there are less than 5% of bad people in a company. Many cases of data breaches involve human error, missed or poorly defined processes, etc.
Awareness of SI users is an effective approach for showing the risks associated with the use of computer tools to maintain informed the user of the latest attack techniques (eg Spear phishing) and allow it to recognize, but also to detect deficiencies in organizational terms.
A question that many companies do not arise is the life cycle management of storage devices (Flash, Hard Drive, SAN, NAS, etc.). The return of a PC maintenance at the supplier, sending in waste defective discs are all risk factors to be considered in a protective action against information leakage.
Web and email environments are also sources of leaks. Without adequate DLP solution, it is possible to fall back on the discovery of specific key word: security, confidential, secret. It is also recommended to use regex patterns or appropriate to the nature of information to be protected: account, customer name, credit card number, etc.
Moreover, it is common for users of SI innocently employ useful collaborative tools for the job but prohibited by internal security policy for the enterprise. The best example is of course Dropbox. Many companies prohibit the use of Dropbox app without providing an alternative to employees. This leads often to create exceptions for certain user populations (often the VIP). In some cases, users are even tempted to use much less known tools that are not referenced by the web filtering market solutions to bypass security rules.
Protect against information leakage therefore means not to block any kind of uncontrolled collaborations, but rather propose alternatives that allow business to keep track of trade, set limits, etc.
By implementing these technologies for securing data on user workstations while accompanying the company is on track. Adding some additional controls over web and email channels increases data security. The leak is always be possible, however, it will no longer be accessible to everyone and you will benefit from technologies to monitor suspicious activity. When the company acquires mature enough in terms of protecting and managing data leaks, assessment of 'Enterprise DLP "solution makes sense.
If you're interested, I recommend the links below. Although they are sponsored by publishers who specialize in data protection, but I find them very interesting: