The practice of data loss prevention (DLP) has been around for years in some shape or form. However, it’s the high profile data breaches that have occurred over the last decade or so that propelled DLP and enterprise backup solutions to the fore of boardroom conversation. Data loss incidents have caused millions of dollars in recovery and repair costs as businesses grapple with damage to long-established reputations. Thanks to the outsized role data plays in the modern organization making it one of the most valuable assets, boards quickly recognized that preventing data loss is essential. Keeping confidential data away from the public domain is critical for business survival. That cannot happen though without clarity on what data loss and data loss prevention is.
What is Data Loss?
Data loss is the intentional or unintentional dissemination or extraction of an organization’s confidential data that places the enterprise, employees, customers, contractors and other stakeholders at risk. The nature of data loss incidents is actually quite diverse. They range from the overt sale of customer data to third parties and the transmission of unencrypted data, to the loss of business laptops and improper disposal of old hard drives.
Whereas most people imagine data loss is primarily the work of obscure hacking groups working from dark rooms in nondescript locations somewhere on the planet, the overwhelming majority of data loss events can be attributed to the actions (deliberate or unintentional) of internal users and authorized third parties.
Irrespective of how or why data loss occurs though, developing and enforcing a robust DLP program is vital.
What is DLP?
Data loss prevention refers to the policies, plans, procedures and systems established to detect and prevent information loss. A DLP program aims to block any leakage of confidential data on the organization’s physical or logical infrastructure. In order to establish an effective DLP program, you must at the minimum understand what confidential data you have, where it resides, how it’s used and who has access to it.
Why do Large Enterprises Need Data Loss Prevention?
Data loss prevention software programs and enterprise backup solutions are vital in every organization but large businesses are especially vulnerable to data loss. Here’s why.
Difficulty in Establishing a Clear Perimeter
Progress in the abilities of collaboration and productivity tools has delivered unprecedented efficiency in the workplace. Nevertheless, this has also introduced new channels through which data loss could occur. Increasing reliance on social media and other new technologies for customer service and everyday business engagement has made it harder to establish a solid virtual perimeter wall that clearly separates the company’s infrastructure from the public Internet.
Underground Market for Sensitive Data
There’s a growing and lucrative market for confidential data on the dark web. This has created an incentive for otherwise well-meaning individuals with access to sensitive data to extract it in the hope of trading it for cash.
Blurring Lines of Work and Home
BYOD policies and the rise of telecommuting means the lines between work and home environments can be blurred. This creates a wide range of circumstances where users could accidentally disclose confidential company data.
Large enterprises have thousands of employees and devices spread across multiple locations and jurisdictions. There are thousands or millions of distinct avenues through which data loss could occur. The organization’s data loss capability is only as good as the weakest link in this massive network.
Complex Technology Ecosystem
Given the complexity of today’s enterprise ecosystem, a data loss event could go for months or even years undetected. By the time the business catches wind of its occurrence, the damage to customer privacy and business reputation is done.
Growing Data Volume
The ubiquity of digitalization and the rise of the Internet of Things have accelerated the growth of the data that modern enterprises handle every day. More data means more touchpoints through which information may be lost.
Advances in Telecommunication Capacity
Exponential increase in the scale, quality and capacity of telecommunication infrastructure ensure that large volumes of data can be disseminated to recipients thousands of miles away in a matter of minutes.
Proliferation of Portable Devices
The increasing use of portable devices such as laptops, tablets, smartphones and USB drives has dramatically heightened the risk of data loss through theft and misplacement.
The "Wikileaks Effect"
There’s no question that any illegal action that takes place with the approval of the senior-most management of an organization should be reported to relevant authorities. Nevertheless, whistleblowing can have unintended consequences. In their haste to download sensitive data unnoticed, individuals who’ve decided to go public with a simmering scandal may download and share confidential data that has nothing to do with the incident.
Increasing Autonomy of Information Systems
The transition to artificial intelligence will almost certainly be pioneered by large organizations. They have the financial muscle to push, experiment with and perfect AI in the workplace. But as AI takes over plenty of functions including cybersecurity, the depth of autonomy could see data leaks going unreported.
Cloud Computing and the Loss of Physical Control
Large businesses have found they can save millions of dollars on technology costs each year by simply moving their systems away from an on-premises setup to the cloud. This however eliminates their control over the physical infrastructure their systems run on. Even if the business adheres to the best backup and data protection practices, security gaps at the cloud service provider could still see the client’s sensitive information made public.
Cybercrime is growing in sophistication. And the bigger the target, the bigger prize. Hackers will be more enthusiastic about hacking into a global bank as opposed to a small credit union.
Managing Data Loss is Expensive
DLP incidents are expensive to contain and resolve. According to one study, the average cost of a data breach in 2019 is $3.92 million. Once again, the bigger the company, the harder the fall so this average belies the higher cost of managing data loss in larger corporations. This cost continues to rise each year.
Regulations such as the EU’s GDPR impose a sizeable penalty for organizations that fail to adequately protect confidential data. While a penalty would seem to be an especially heavy burden for smaller businesses, regulators are often keen on using prominent enterprises to set an example of the stiff punishment that awaits violators.
The Role of DLP Software and Enterprise Backup Solutions
Each of the scenarios identified above may call for a different type of control to prevent or contain the loss since there isn’t a single control that can prevent all forms of data loss. By automating data loss controls, DLP software and enterprise backup solutions can go a long way in mitigating a wide range of data leakage risks via a single dashboard.
How DLP Solutions Work
DLP software is designed to prevent the unauthorized transmission and use of confidential data. It monitors, identifies and protects the data at rest, data in motion and data in use. DLP software executes appropriate responses based on rules and policies explicitly defined to determine the danger of accidental leaks or deliberate exposure of data.
DLP solutions perform contextual analysis and content inspection. To better understand the distinction between contextual analysis and content awareness, see context as an envelope and content as a letter within the envelope. DLP solutions may run on their own content engines or leverage third-party technology.
Get DLP Solutions that are Right for You
DLP solutions range from basic port blocking and encryption tools to comprehensive products that mitigate a wide range of data loss risks. For most large enterprises though, there won’t necessarily be a single solution they can procure that will resolve all their data loss concerns. A good data loss prevention technology strategy should deliver defense in depth, scale based on area, users, devices and language, detect sensitive information such as intellectual property, support analysis of multiple data formats and be flexible enough to accommodate the local privacy and data security laws of different jurisdictions. It should therefore encompass enterprise backup solutions, web security gateways, network monitoring software, end point encryption solutions, antivirus software and more. Before settling on any one DLP solution, test it with realistic data to establish its accuracy and reliability. Market leading vendors such as Micro Focus have used innovative solutions throughout a successful history to integrate well with other data security solutions.