Overview

A data loss/leak prevention (DLP) solution is a system designed to detect potential data breaches and data exfiltration transmissions and to prevent them by monitoring, detecting and blocking sensitive data while in use (endpoint actions), in motion (network traffic), and at rest (data storage). In data leakage incidents, sensitive data is disclosed to unauthorized personnel either by malicious intent or by inadvertent mistake. Such sensitive data can come in the form of private or company information, intellectual property (IP), financial or patient information, credit-card data, and other information depending on the business and the industry.

Endpoint DLP

Data in Use "DiU"

Such systems run on end-user workstations or servers in the organization. Like network-based systems, endpoint-based systems can address internal as well as external communications, and can therefore be used to control information flow between groups or types of users (e.g. ‘Chinese walls’). They can also control email and instant messaging communications before they are stored in the corporate archive, such that a blocked communication (i.e., one that was never sent, and therefore not subject to retention rules) will not be identified in a subsequent legal discovery situation. Endpoint systems have the advantage that they can monitor and control access to physical devices (such as mobile devices with data storage capabilities) and in some cases can access information before it has been encrypted. Some endpoint-based systems can also provide application controls to block attempted transmissions of confidential information, and provide immediate feedback to the user. They have the disadvantage that they need to be installed on every workstation in the network, and cannot be used on mobile devices (e.g., cell phones and PDAs) or where they cannot be practically installed (for example on a workstation in an internet café).

Network DLP

Data in Motion "DiM"

A network DLP system is typically a software or hardware solution installed at network egress points near the perimeter. It analyzes network traffic to detect sensitive data that is being sent in violation of information security policies.

Benefits of DLP

  • Minimal upfront investment and simple licensing and ordering process
  • Reduces administrative overhead to lower operational costs
  • Reduces business risk by responding in real-time
  • Easily installs and deploys for low TCO
  • Generates increased value from current security investments
  • Helps ease regulatory compliance efforts with centralized analysis and reporting
  • Helps satisfy audit requirements
  • Ensures customer data privacy and integrity

File-level DLP

The software identifies the sensitive files and then embeds the information security policy within each file, so that the policy travels with the file whether the file or part of it is sent, copied or downloaded.

Data Security Solutions

Forcepoint DLP

Forcepoint Data Security Suite secures organizations against a wide range of data loss scenarios with a single policy framework for network and endpoint data loss prevention and confidential data discovery.

– TRITON AP-DATA and AP-ENDPOINT extend data security controls to enterprise cloud applications and to your endpoints. Safely leverage powerful cloud services like Microsoft Office 365, Google for Work and SalesForce.com, while protecting your sensitive data and intellectual property on Windows and Mac laptops, both on and off-network.

More Information: https://www.forcepoint.com/product/data-insider-threat-security/dlp-data-loss-prevention