Choosing a DLP solution: A guided plan
Data loss prevention (DLP) may be an unfamiliar term, even to business leaders working hard to follow cybersecurity best practices. In this blog post, we’re giving you a primer on why DLP is a massive undertaking for even the best IT teams, and why an automated solution is the best way to protect your business-critical data.
If you’re shopping around for a DLP solution, not sure about how to get started, or are unsure of the value of DLP, this blog post is your guide. Read about what DLP is, why it matters to any organization working with huge amounts of data while trying to remain compliant in privacy and security regimes, and what to look for when choosing a DLP solution.
DLP and infosec basics
DLP covers many blind spots for information security teams, which is probably why the terminology blurs. The technology is often associated with other terms such as information leak detection and prevention (ILDP), information leak prevention (ILP), content monitoring and filtering (CMF), information protection and control (IPC) and extrusion prevention system (EPS). In the DLP context, "data loss" and "data leak" are related and are often used interchangeably.
It’s important to understand what DLP is and what it can do. Before committing to a DLP solution, you should familiarize yourself with key functions in this area of information security:
- Monitoring provides visibility into where your data lives and how it moves through your systems, which is the basis for data discovery
- Filtering acts on data in motion (messages, uploads, transfers) to block or quarantine activity that is suspicious, unidentified, or in violation of policy
- Reporting logs what was detected and what action was taken, so incident responders and auditors have a record to work from
- Analysis pulls everything together to help you make smarter decisions about risks and suspicious activity around your business data
Tip: Don’t rely solely on your IT department and security team to handle data protection. Manual processes and human teams are limited. Start investigating automated DLP resources.
A solid understanding of what DLP does is the foundation of your evaluation. The next part is assembling the team that will choose the product. The complexity of modern information security means that security is no longer just an IT issue.
Data protection is a cross-functional job
Everyone in a company is responsible for upholding data security standards. While the IT department does the majority of the everyday work with these systems and processes, stakeholders across your organization influence security policy and implementation.
Think of the impacts of a data breach: damage to the brand, regulatory infractions (and the resulting fines), and loss of sales and customers hurt the company as a whole. Seen that way, the IT department's reach is clearly not wide enough to address all of these issues on its own.
When building a case for a DLP solution, you must involve the leaders within your company who will become the main stakeholders. Bring these people to the table during the discovery process and give them chances to view demos and ask questions before signing off on the final decision. Each organization’s needs will vary, but it helps to have leaders from engineering, operations, legal, and even sales and marketing involved in such discussions.
Tip: Think about DLP as an organization-wide priority and what each department stands to lose in the fallout from a data breach. You’ll find your solution selection committee within this investigation.
With the team assembled and ready to tackle the problem, you’ll need metrics to answer or even raise new questions about the efficacy of a new DLP solution. Having this business intelligence will provide criteria to look for and help inform outcomes.
Get smart with metrics
Just like any other solution to a major business problem, your DLP platform investigation should include a list of metrics that will define success for the project. Use the same methodology from your stakeholder exercise to determine the metrics you’ll need to prove the value of the new solution. Consider what your current KPIs are and how a data breach can negatively impact those metrics. From there, you’ll have a clearer picture of which metrics to look for in a DLP solution.
You can start with some basic KPIs for DLP from Infosec Writeups on Medium, such as data classification success rate. Author Jose Samuel describes classification as the backbone of every DLP tool: it identifies and differentiates types of sensitive information and captures the context in which they appear, and he argues that this cannot be done at scale through manual review.
Don’t invest into a business solution without data to convey what you want to do, why you want to do it, and what you expect from the outcomes.
Tip: If you're not yet at the stage where you can define these measurements, start simple: estimate how a data breach would affect your current loss rate, or what it would cost to pull staff from another department to handle damage control.
As you near the end of your DLP evaluation, don't forget to pin down the requirements the product must meet. Having DLP is great, but not knowing how to use it makes this entire exercise pointless.
Requirements: the DLP playbook
Knowledge of your organization’s stakeholders, needs, and systems is essential for choosing a DLP solution. This information can help you create the requirements you’ll need for a successful DLP solution selection and later implementation.
Here are a few things to consider before you start:
- Platforms: Which apps, platforms, and tools are you using currently, and which new tools are you planning to introduce? If you’re using collaboration tools like Slack or Confluence, which lack native DLP features, you’ll need a DLP solution to secure communications within those apps.
- Types of data: Personally identifiable information (PII) and protected health information (PHI) are among the most sensitive data classes. Social Security numbers, IP addresses, and health record information are just a few categories that must be protected. Be familiar with the data your organization handles on a daily basis.
- Privacy regimes: Compliance standards like HIPAA have strict requirements on which types of data must be protected and which safeguards must be in place. Your company may have to adhere to multiple privacy regulations depending on your industry. Look for a DLP solution that supports the regulations your company is subject to.
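The "data classification success rate" KPI from the metrics section and the data types listed above come together in the classifier at the core of any DLP tool. The following is an added example, not code from the original post or from Nightfall, showing the shape of such a classifier: pattern detectors for Social Security numbers, IPv4 addresses and a hypothetical medical record number format, each paired with a structural validity check that cuts false positives, findings that carry redacted values and surrounding context rather than the raw secret, and an evaluation over a small set of constructed, labelled messages that yields precision and recall per category plus the share of messages classified exactly right. The MRN format, the detector names and the sample messages are assumptions made for this example.

```python
from __future__ import annotations

import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    category: str  # sensitive data class, e.g. "ssn", "ipv4", "mrn"
    redacted: str  # matched value with all but the last few characters masked
    context: str   # surrounding text with the match cut out, for analyst review


def _valid_ssn(area: str, group: str, serial: str) -> bool:
    # Structural rules for U.S. SSNs: area 000, 666 and 900-999, group 00 and
    # serial 0000 are never issued, so such matches are not real SSNs.
    a = int(area)
    return not (a == 0 or a == 666 or a >= 900 or int(group) == 0 or int(serial) == 0)


def _valid_ipv4(octets) -> bool:
    return all(0 <= int(o) <= 255 for o in octets)


# Each detector: (category, pattern, validator over the regex match).
DETECTORS = [
    ("ssn", re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b"),
     lambda m: _valid_ssn(*m.groups())),
    ("ipv4", re.compile(r"\b(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\b"),
     lambda m: _valid_ipv4(m.groups())),
    # Hypothetical medical record number format, assumed for this example.
    ("mrn", re.compile(r"\bMRN[- ]?(\d{6,10})\b", re.IGNORECASE),
     lambda m: True),
]


def _redact(value: str, keep: int = 4) -> str:
    """Mask every alphanumeric character except the last `keep`; keep separators."""
    head, tail = value[:-keep], value[-keep:]
    return "".join("*" if ch.isalnum() else ch for ch in head) + tail


def classify(text: str, window: int = 20) -> list[Finding]:
    """Run every detector over `text`; return validated, redacted findings."""
    findings = []
    for category, pattern, valid in DETECTORS:
        for m in pattern.finditer(text):
            if not valid(m):
                continue  # structurally impossible value, not a leak
            start, end = m.span()
            ctx = text[max(0, start - window):start] + "[REDACTED]" + text[end:end + window]
            findings.append(Finding(category, _redact(m.group(0)), ctx))
    return findings


def categories(text: str) -> set[str]:
    return {f.category for f in classify(text)}


def evaluate(samples: list[tuple[str, set[str]]]) -> dict:
    """Per-category precision/recall plus the share of messages labelled exactly right."""
    counts: dict[str, dict[str, int]] = {}
    exact = 0
    for text, expected in samples:
        predicted = categories(text)
        exact += predicted == expected
        for cat in predicted | expected:
            c = counts.setdefault(cat, {"tp": 0, "fp": 0, "fn": 0})
            if cat in predicted and cat in expected:
                c["tp"] += 1
            elif cat in predicted:
                c["fp"] += 1
            else:
                c["fn"] += 1
    per_category = {
        cat: {
            **c,
            "precision": c["tp"] / (c["tp"] + c["fp"]) if c["tp"] + c["fp"] else 0.0,
            "recall": c["tp"] / (c["tp"] + c["fn"]) if c["tp"] + c["fn"] else 0.0,
        }
        for cat, c in counts.items()
    }
    return {"success_rate": exact / len(samples), "per_category": per_category}


# Constructed sample messages (no real data), labelled with the expected categories.
SAMPLES = [
    ("Ticket 4411: customer SSN is 219-09-9999, please verify identity.", {"ssn"}),
    ("Order id 000-12-3456 shipped; no PII in this thread.", set()),  # area 000: not an SSN
    ("Deploy landed on 10.0.12.7 tonight, rollback host is 192.168.1.20.", {"ipv4"}),
    ("Patient MRN-00482913 discharged 2020-03-05, follow-up in two weeks.", {"mrn"}),
    ("Bill for 10.0.12.300 is wrong, octet out of range so not an address.", set()),
    ("Upgrade everyone to build 2.4.1.100 before Friday.", set()),  # version string, flagged as ipv4
    ("Lunch at noon, bring the slides.", set()),
]

if __name__ == "__main__":
    for text, _ in SAMPLES:
        for f in classify(text):
            print(f"{f.category:5} {f.redacted:15} ...{f.context}...")
    print(evaluate(SAMPLES))
```

Two things worth noticing when you run it. The validity checks are what keep the "000-12-3456" order id and the out-of-range "10.0.12.300" from being reported, yet the version string "2.4.1.100" still passes as an address, so IPv4 precision lands at 0.5 and the exact-match success rate at 6 of 7; a real product raises that with context (keywords near the match, which field the text came from, the sending application), and that is exactly the number to ask a vendor to demonstrate on your own data. The findings also never carry the matched value in clear text, because a DLP report that logs every SSN it found has just created a second copy of the data it was meant to protect.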
Tip: Create a set of requirements for finding and implementing a new DLP solution. In-depth knowledge of your systems, data, and devices will make this job much easier.
This article aims to prepare businesses for finding the right DLP solution. The steps necessary for an informed decision-making process show how complex this type of information security can be. An automated solution can take care of your concerns and problems while you’re free to focus on other important aspects of your business.
An investment for future growth
Once you get your DLP solution up and running, you can use the tools to create processes to improve business intelligence, information security, and other parts of your business. Gartner’s definition of DLP includes a few essential business operations functions that come from a solid DLP strategy, like enforcing security policies, meeting compliance standards, and increasing data visibility.
If security still isn't top-of-mind for your business, convince key stakeholders to start thinking about it in terms of money lost. Dell Technologies published a study stating that the average cost of data loss grew to about $1 million in 2019. The research report, "Global Data Protection Index 2020 Snapshot," found that the cost of disruption is also increasing, averaging $810,000 in 2019.
And it's only getting more complicated. Dell's study states that organizations are managing almost 40% more data than they were a year ago, and that a majority struggle to find sufficient data protection solutions for emerging technologies: 5G and edge infrastructure (67%) and AI and ML platforms (64%).
DLP can address security issues and save organizations time, money, and lost productivity. An automated DLP solution is the fastest, most complete, and most cost-effective way to get up to speed on your privacy requirements. You already have a lot on your plate by running a business. Lean on the security experts to protect the data that matters most.
If you’re interested in learning more about Nightfall for collaboration tools like Slack, you can view our Guide to DLP on Slack or schedule a brief demo with our team below.