3 Tips to Successfully Implement a DLP Strategy

Featured article by Samantha Waites

Traditional cybersecurity strategies focus on external threats, protecting company networks and devices from cyberattacks, viruses and malware. However, this approach ignores one of the biggest weaknesses computers everywhere face: the people operating them. Whether malicious insiders, gullible or careless employees, the human factor is a constant vulnerability companies need to address for an effective cybersecurity strategy. And that is where Data Loss Prevention (DLP) solutions come into play.

According to the Ponemon Institute’s 2020 Cost of Insider Threats Global Report, the number of security incidents caused by insiders increased by a staggering 47% since 2018, with the average global cost of insider threats rising to $11.45 million/breach. A second report on the overall costs of data breaches in 2020 released by the Institute attributed 23% of data breaches to human error, with a further 17% of malicious attacks having social engineering and phishing attacks as the root cause and an additional 7% being due to malicious insiders.

While training that raises awareness of threats and compliance requirements and teaches employees best security practices can be effective, especially when it comes to spotting phishing attacks, it does little to prevent common human error. After all, even the most vigilant employee can accidentally press the reply all button or forget to delete a file containing sensitive data from their computer.

DLP solutions are data focused: they help companies monitor and control personal information and any other type of data deemed sensitive in the context of a particular sector or business. They can block or limit the transfer of sensitive data, log its movements and flag any attempts to violate policies. But how can companies make the most of their DLP solutions and implement them successfully? Here are our tips.

Define What Sensitive Data Means to You

The most sensitive and sought-after data is personally identifiable information (PII). According to the Ponemon Institute, it is the type of record most often lost or stolen, compromised in 80% of all data breaches. It’s therefore no surprise that it’s also the type of information that most often falls under the incidence of data protection regulations and international standards. Companies need to protect PII for both compliance and security reasons.

However, there are other categories of sensitive data companies need to consider. The protection of health and financial data for example are just as heavily regulated as that of PII. Depending on the sector or type of business a company runs, different categories of data may also be deemed sensitive and need to be protected. Whether proprietary algorithms, blueprints, patents or media files, each company comes with its own types of sensitive information.

When they implement DLP solutions, organizations need to not only apply predefined policies for sensitive data that usually include PII, but also consider what sensitive data means to them. In this way, they can customize policies to suit their particular needs and ensure that they add a layer of protection to valuable data stored on company computers.

DLP Policies for Remote Work

As the COVID-19 pandemic continues to disrupt business operations across the world, one thing is clear: it has been an effective testbed for remote work policies. Companies previously reluctant to adopt them have been forced by circumstances to implement them, many with positive results. According to a survey conducted by research company Gartner in June 2020, 82% of interviewed company leaders intended to allow employees to work remotely some of the time after the pandemic, while 47% were willing to let employees work from home full-time.

As a consequence, it is essential that companies adopt DLP tools compatible with remote work policies. Endpoint DLP solutions are particularly effective while working from home as they are applied at device level. This means that, regardless of whether a computer is connected to the company network or the internet, their policies remain active, blocking the transfer of sensitive data through unauthorized channels and storing logs locally until they reconnect to the company network.

Cross-platform DLP

Nowadays, thanks to the rising popularity of Bring Your Own Device (BYOD) and Choose Your Own Device (CYOD) policies, the operating systems company devices run on have diversified. macOS in particular is establishing a strong presence in the enterprise, with a staggering 72% of employees favoring Macs when given a choice according to a recent JAMF survey. And while both macOS and Linux might be at a lower risk when it comes to external attacks, when it comes to human error, all operating systems face the same problems. In the same way a person can post something publicly on a PC, they can also do it on a Mac.

This is why companies must ensure that, if they run a multi-OS environment, the DLP solution they choose covers all of them. They must also look for feature parity between operating systems. Many DLP vendors focus heavily on Windows DLP and offer only a stripped-down version of their products for other operating systems. By choosing an integrated cross-platform DLP solution like Endpoint Protector, companies can control sensitive data on their entire network, regardless of a device’s operating system, all from a single dashboard.