What is Data Loss Prevention (DLP)?

Defining Data Loss Prevention (DLP)

Data Loss Prevention (DLP) software is crucial to ensure that data is not lost, misused or accessed by unapproved individuals. Data loss prevention software monitors, detects and potentially blocks sensitive data exfiltration while the data is in use, in motion or at rest. It is largely driven by regulatory compliance as enterprises today must be able to demonstrate adequate care has been taken to avert the loss or theft of confidential and sensitive information on their networks.

Why is Data Loss Prevention (DLP) Important?

The ability to detect and ultimately prevent data leakage or theft is core to cybersecurity defense – after all that’s what most attackers are ultimately after. Data loss prevention solutions are deployed to combat the threat of data theft or leakage from these personas:

External Malicious Actor

This adversary is typically well-funded and very sophisticated. Security teams must have visibility into all activity, supported by data loss prevention solutions, anomalous and suspicious behavior detection, cyber threat hunting tools, and rapid and automated response capabilities.

Malicious Insider

This adversary is also well-funded and smart, but they have already been granted access to the network. For the malicious insider/external actor, it’s critical to have data loss detection and prevention policies that are enforced to prevent sensitive data from being stolen.

Uninformed Employee

This person inadvertently provides information to the malicious actor. Security tools must detect and respond not only to attacks that target employees, but also to risky actions that employees perform to circumvent security policies and controls.

DLP Use Cases

There are also industries that have put an emphasis on data loss prevention through regulations. In their 2017 Data Loss Prevention Magic Quadrant, Gartner said that by 2020, 85% of organizations will implement at least one form of integrated DLP.

Data loss prevention serves multiple use cases including:

  • Compliance: For many organizations data protection isn’t a case of if they want to, but a matter of requirement. Regulations such as HIPAA, PCI-DSS, GDPR and CCPA all have data protection requirements that must be strictly adhered to.
  • Protection of Intellectual Property: An organization’s IP is of critical importance and should be protected as such.
  • Visibility of Sensitive Data: You can’t protect sensitive data if you don’t know where it resides and how it is transferred across your network or endpoints.

What are the Different Types of Data Loss Prevention Solutions?

  • Network DLP – Network data loss prevention solutions detect and block sensitive data in motion – preventing it from leaving via network communications. This can include email or web applications.
  • Endpoint DLP – Endpoint data loss prevention solutions detect and block sensitive data while in use.
  • Storage DLP – Storage data loss prevention solutions are designed to detect and block the loss of data at rest.

What are the Key Aspects of a Network Data Loss Prevention (DLP) Solution?

There are three critical components of an overall network data loss prevention solution:

  • Detect and block sensitive data in motion from leaving through network traffic.
  • Monitor data in use on endpoints and block unauthorized attempts to steal data.
  • Monitor all data at rest within a storage location, and apply a blocking action if it is accessed or manipulated in an attempt to exfiltrate data.