DLP

Data Loss Prevention has been a hot topic as of late.

In the past I always believed that DLP was only effective where you had a data labeling program.  Otherwise its just another product that doesn’t work well when you cant answer where the important information is.  Over time, I also became more concerned with throwing tech solutions at a people problem.  With that view, and no one asking for it, DLP never made it onto the priority list.

I’ve seen point solutions such as email gateways that look for credit card numbers.  And they find numbers everywhere they look.  And that is when you’re looking for something specific.  Something that can even be verified.   (luhn)  How will it deal with data.  Can DLP occur at all without management buy in.

There are some interesting possibilities.  Perhaps you have a particular webserver and nothing from that server should go out.  Perhaps you have templates.   And while the content might change somewhat, the DLP sees enough similarity to match.

A good DLP solution also allows enough flexibility in warning, quarantining (with release a possibility), and blocking.