Proofpoint Country Manager
Data Loss Prevention (DLP) is a term that refers to measures that ensure users do not send sensitive information outside the corporate network. Using software products, network administrators control which data can be transferred, classifying and protecting critical information. For example, an employee would not be allowed to forward an email outside the corporate domain or upload a file to a popular cloud storage service such as Dropbox.
Reshaping these data loss prevention solutions has become one of the main challenges of hybrid work environments. According to a recent global survey of CISOs, half of security officers said they have had to fully adapt their DLP controls for this new normal. A robust DLP program must therefore take into account how data moves and when it is at risk.
How to implement a DLP solution
Because of insider threats and stringent data privacy laws, companies are increasingly incorporating DLP measures to protect data in motion. Each company must look for a solution adapted to its needs. To get there, we recommend following these steps:
1. Decide which data is critical for the organization and which would cause the most serious problems if stolen. DLP should start with the most valuable or sensitive data, which is the most likely to be targeted by attackers.
2. Classify the data and apply labels, which allows you to track its use. Inspecting content with pre-configured rules lets you identify patterns through regular expressions, such as social security or credit card numbers, or keywords (for example: “confidential”).
3. Understand when data is most at risk. This is especially the case when it is used on users’ devices or shared with customers and partners. Some examples would be attaching data to an email or transferring data to a removable storage device.
4. Monitor the data to understand how it is used and to identify the behaviors that put it at risk.
5. Create controls to reduce risk: first, ones that cover the most common behaviors with the greatest exposure to incidents, and later, more granular controls for specific risks.
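The content inspection from step 2 feeding a first control from step 5, as an added example that is not from the original article or from any vendor product. The domain `example.com`, the label names and the block/encrypt policy are assumptions; a Luhn checksum is added so that arbitrary 16-digit numbers are not labelled as card numbers.

```python
import re

# Constructed rules of the kind step 2 describes: regular expressions plus a keyword.
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
KEYWORD_RE = re.compile(r"\bconfidential\b", re.IGNORECASE)
CORPORATE_DOMAIN = "example.com"  # assumption: the organization's mail domain


def luhn_ok(digits: str) -> bool:
    """Checksum used by payment cards; filters out order numbers, IDs, etc."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def classify(text: str) -> set[str]:
    """Return the labels that apply to a piece of content."""
    labels = set()
    for match in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", match.group())
        if luhn_ok(digits):
            labels.add("card_number")
    if SSN_RE.search(text):
        labels.add("ssn")
    if KEYWORD_RE.search(text):
        labels.add("keyword:confidential")
    return labels


def decide(recipients: list[str], subject: str, body: str) -> tuple[str, set[str]]:
    """Hypothetical outbound-mail policy: allow, encrypt or block."""
    labels = classify(subject + "\n" + body)
    suffix = "@" + CORPORATE_DOMAIN
    external = [r for r in recipients if not r.lower().endswith(suffix)]
    if not labels or not external:
        return "allow", labels          # nothing sensitive, or it stays internal
    if labels & {"card_number", "ssn"}:
        return "block", labels          # regulated identifiers leaving the domain
    return "encrypt", labels            # keyword-labelled content: encrypt on send
```

Returning the labels with the decision gives the monitoring in step 4 something to log even when a message is allowed.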
A common risk: data leakage by email
More than two-thirds of an organization’s intellectual property is sent via email between offices, partners, and customers. Email is the number one entry vector for threats, but it is also a critical channel for data leakage. If employees send sensitive content unencrypted and without proper oversight for compliance with internal policies and regulatory requirements, they risk data leaks, which lead to penalties and damage both the company’s reputation and the trust of its customers.
An email encryption solution will help automatically identify and protect sensitive information leaving a company, such as personally identifiable data, financial information, or data subject to the European General Data Protection Regulation (GDPR). In this way, email communications can be easily monitored, while all information remains available on the devices of the organization’s employees and collaborators.
This is how an email encryption solution works
When such a solution identifies sensitive data, it automatically encrypts the email to maximize its security. Integrating it with DLP policies reduces administrators’ workload without negatively impacting users.
Users themselves can create filters or use predefined labels in the subject line, which automatically identify outgoing messages that need to be encrypted. Internal recipients can compose, read and reply to encrypted messages from their inboxes, and external recipients can do so from a website where they are authenticated. This way, only valid recipients will be able to access sensitive data, and after a few days, when the encrypted message expires, it will be deleted, since sensitive information should not be kept longer than necessary.
Although email encryption should be a priority for organizations in order to reduce the potentially negative impact of data loss, employee training should also be treated as a must.
Advanced DLP solutions warn users that they might be violating company policies or increasing the level of risk, since users often do not realize that their actions can lead to data loss. The combination of technology and people will greatly increase the organization’s threat awareness and preparedness.