You know the old saying, “An ounce of prevention is worth a pound of cure?” We’ve finally figured that out when it comes to cloud security. The new name of the game is Data Loss Prevention. (Of course it goes by DLP because it just wouldn’t play without an acronym.) Data Loss Prevention is exactly what it sounds like – preventing data loss before it occurs rather than waiting and reacting after the fact. Shut it down before it gets out of the gate.

DLP can take several forms. You can (and should) have a DLP strategy in place which involves ongoing efforts to control the transfer of sensitive data. DLP software classifies and protects sensitive data so users can’t share it – either by mistake or intentionally. And DLP systems monitor and control data flows by tracking data when it’s being used, transferred, and stored.

Key components of DLP:

  • Management console – central control point for DLP agents and processes
  • acEvent database – records all data events for analysis and reporting
  • Rules engine – the heart of the system, contains rules to detect information that should not be shared, such as the three P’s: PCI (payment card information), PII (personally identifiable information like social security numbers), and PHI (protected health information)
  • Data-at-rest scanner – scans the enterprise looking for sensitive data in the many places it can hide
  • Data-in-use agent – monitors data as it’s accessed and distributed
  • Data-in-motion sensor – tracks data in motion as it moved throughout your network

So what do you need to know about DLP? First you need to identify and classify the type of data you need to protect, and consider any regulations that apply. Depending on the size of your organization you may choose standalone DLP, an integrated DLP solution, or a combination of the two. Make sure you choose a solution that you can manage easily, that doesn’t interfere with your employees ability to get their work done, and that provides you with ongoing bang for your buck. Define your goals from the get go, so you know if you’re meeting them. Test out different solutions until you find the one that fits. Don’t be afraid to ask questions and make sure everyone who needs training gets it.