Data Leak Prevention Briefing Paper

From wiki
Jump to navigation Jump to search

Back to Tech Briefs list page

Business Brief

Data leak prevention (DLP) is a set of software, strategies and processes aimed at protecting sensitive information from being sent outside a specific network. DLP tools ensure that enterprises can catch potential data breaches by following data as it travels through the network and making sure it remains within the parameters of the organization.

Most corporations around the world, in one way or another, suffer from data leak incidents. Data leaks are a result of many things such as insider threats, cyber-attacks and accidental information sharing. These breaches of information can result in critical information being shared and can sometimes be devastating for corporations. To avoid these leaks, companies integrate DLP solutions such as network-based DLP, storage based DLP, and endpoint based DLP and content-aware DLP.

Major tech companies such as Google and Symantec have begun developing and integrating their own DLP solutions. As cyber threats and data leaks become more of a threat, DLP solutions must be able to develop to prevent them.

Technical Brief

DLP allows users to manage sensitive data on multiple computing devices across an array of access points. These computing devices can be anything from virtual/physical servers, databases and mobile devices. DLP solutions are put in place to avoid data breaches of information such as financial data, source code, and customer information.

There are various modes of DLP solutions that have key characteristics in managing the flow of corporate information. Network-based DLP solutions secure an organization network by overseeing the flow of data between email, web application and more. Storage based DLP protects the data that exists on the datacenter infrastructure. Storage-based DLP are able to recognize whenever sensitive information is being transmitted on an insecure network, and thus determining where a potential data leak can, will or did occur. 

Endpoint based DLP solutions ensures user compliance on PC or related systems (laptops, tablets, etc.) for tasks such as printing and the handling peripheral devices. Endpoint DLP solutions are usually put in place to respond to user actions such as email, printing and saving information to a USB. In addition, endpoint DLP solutions are able to deny or allow certain user activity depending on the parameters set by the organization. Content-aware DLP tools use monitoring, remediation, filtering and similar techniques to address leaks that occur on unauthorized platforms or channels.

All these DLP solution strategies are used to track information in one way or another.  Whether the solution follows the information flow or user interactions, DLP tools can be critical in protecting organizations and their data.

Industry Use

An increasing number of cyber threats has resulted in many industries choosing DLP tools to help protect sensitive data. Whether it’s protecting networks or monitoring the work of insiders, industries are increasingly opting for data leak prevention tools.

Cisco, Google and CipherCloud are just three of many tech companies developing their own suite of DLP tools. These companies are creating DLP solutions to help address potential concerns that businesses have with data leaks and the repercussions. In order to ensure user compliance and prevent unauthorized access from cyber threats, most industries are adopting many of the strategies DLP has to offer. These strategies range from console control and automated protection, to educating end-users on company policies.

Canadian Government Use

Data leak prevention strategies are already prevalent across the Government of Canada. For example, departments, such as DND, that provide employees with portable data storage devices have many DLP tactics to ensure data is secure.  Some of these tactics are encrypting the devices to be password or biometric controlled as well as encrypting the data on the devices. In addition, the GC is able to monitor sensitive information being sent as it travels through the network. By doing so, the GC is able to determine any breaches of information and make sure confidential information is protected. In addition, the GC educates its employees on DLP strategies that they should take when in contact with sensitive information. Some of these strategies include not leaving storage devices unattended, and choosing strong passwords for applications. The GC is increasingly using more DLP solutions to help manage information, mitigate leaks, minimize risks and protect those involved.

Implications for Departments

Shared Services Canada

Value proposition

Data leak prevention tools can be of huge value for SSC. Much of the information SSC has access to is classified as protected. As such, SSC should take any measure possible to protect and monitor this information. SSC can use DLP solutions to make sure its employees transfer and use information within the ethics and policies of the GC. In addition, as cyber threats become more plentiful and hard-hitting, SSC will need DLP strategies to prevent data leaks. Data leaks can lead to devastating results for the GC and preventing them is a huge priority for SSC.

Challenges

To be developped

Dept X

Implications list

Sources

https://whatis.techtarget.com/definition/data-loss-prevention-DLP

https://www.cloudsecuretech.com/6-reasons-why-data-loss-prevention-is-necessary-for-business/

https://www.veracode.com/security/guide-data-loss-prevention

https://www.techradar.com/news/top-5-best-data-loss-prevention-services

https://www.canada.ca/en/treasury-board-secretariat/services/information-technology/policy-implementation-notices/secure-use-portable-data-storage-devices-government.html