5/17/2023 0 Comments Dlp endpoint text extractorSome organizations will repeat these steps with an expanded data set or extend data identification and classification to enable fine-tuned data controls. This is in addition to controls to outright block risky data activity. Advanced DLP solutions offer user prompting to inform employees of data use that may violate company policy or increase risk. Employees often don’t recognize that their actions can result in data loss and will do better when educated. Once an organization understands when data is moved, user training can reduce the risk of accidental data loss by insiders. Train employees and provide continuous guidance As the DLP program matures, organizations can develop more granular, fine-tuned controls to reduce specific risks. Controls can target common behaviors that most line managers would agree are risky. At the beginning of a DLP program, data usage controls may be simple. The next step is to work with business line managers to understand why this is happening and to create controls for reducing data risk. Organizations need to monitor data in motion to gain visibility into what’s happening to their sensitive data and to determine the scope of the issues that their DLP strategy should address. It is important to understand how data is used and to identify behavior that puts data at risk. A robust DLP program must account for the mobility of data and when data is at risk. Examples include attaching data to an email or moving it to a removable storage device. In these cases, the data is often at highest risk at the moment it is in use on endpoints. There are different risks associated with data distributed to user devices or shared with partners, customers and the supply chain. Content inspection often comes with pre-configured rules for PCI, PII, and other standards. It examines data to identify regular expressions, such as Social Security and credit card numbers or keywords (example: “confidential”). Applying persistent classification tags to the data allows organizations to track their use. This means associating a classification with the source application, the data store or the user who created the data. DLP should start with the most valuable or sensitive data that is likely to be targeted by attackers.Ī simple, scalable approach is to classify data by context. The first step is to decide which data would cause the biggest problem if it were stolen. Every organization has its own definition of critical data.
0 Comments
Leave a Reply. |