Data Loss Prevention (DLP) is the practice of detecting and preventing data breaches, exfiltration, or unwanted destruction of sensitive data. Organizations use DLP to protect and secure their data and comply with regulations.
The DLP term refers to defending organizations against both data loss and data leakage prevention. Data loss refers to an event in which important data is lost to the enterprise, such as in a ransomware attack. Data loss prevention focuses on preventing illicit transfer of data outside organizational boundaries.
There are myriad techniques in the market today that deliver different types of content inspection. One thing to consider is that while many DLP vendors have developed their own content engines, some employ third-party technology that is not designed for DLP. For example, rather than building pattern matching for credit card numbers, a DLP vendor may license technology from a search engine provider to pattern match credit card numbers. When evaluating DLP solutions, pay close attention to the types of patterns detected by each solution against a real corpus of sensitive data to confirm the accuracy of its content engine.
As the number of internet-connected devices skyrockets into the billions, data loss prevention is an increasingly important part of any organization’s ability to manage and protect critical and confidential information. Examples of critical and confidential data types include:
- Intellectual Property: source code, product design documents, process documentation, internal price lists
- Corporate Data: Financial documents, strategic planning documents, due diligence research for mergers and acquisitions, employee information
- Customer Data: Social Security numbers, credit card numbers, medical records, financial statements
DLP gives you complete visibility and control over your information – wherever it lives and travels – and prevents insiders from exfiltrating sensitive data such as customer records and product designs.
- Monitors for policy violations and risky user behavior across control points at all times.
- Prevents and deters end users from leaking data with real-time blocking, quarantining and alerts.
- Allows you to respond quickly and efficiently when critical data loss happens with automated incident remediation workflows and one-click Smart Responses.
- Gives you flexibility to fine-tune policies to balance security and end-user productivity.