Enabling a Productive, Mobile Workforce with Data Loss Prevention

by Michael Wolfe, Vice President, Data Loss Prevention Solutions, Symantec
2 comments | I like it!
Tags: data loss prevention, endpoint security, Symantec
More »
on this topic
November 12, 2008, 02:40 PM —  Symantec Corp. — 

The rapidly increasing number of security breaches and data loss incidents is driving companies to implement data loss prevention (DLP) solutions as part of their overall endpoint security systems to prevent sensitive information from making its way out of the corporate network. Data must be accessible to mobile workers, partners, and the supply chain, but at the same time a company must prevent that data being accidentally or intentionally delivered into the wrong hands. Consequently, DLP software has become just as important as antivirus, host intrusion prevention, firewalls, and other security technologies and must be incorporated into an overall enterprise security system.

As more organizations look to incorporate this promising technology into their infrastructure, it is critical to understand what makes some DLP solutions more effective than others. The most comprehensive DLP tools enable organizations to discover data as well as monitor, protect and manage it.

Locate Sensitive Data
The proliferation of mobile computing devices as well as the use of portable media, such as USB flash drives, signal that today’s workforce is becoming more and more mobile. In such an environment, simply knowing which desktops, laptops, or other devices contain the most sensitive data is a monumental challenge. Worse yet, it is impossible to track how sensitive information is being accessed and manipulated without first knowing where that information is stored across the thousands of laptops, desktops and other endpoints in the enterprise. Indeed, unless such information is first found, it cannot be secured.

DLP addresses this challenge by providing visibility into where confidential data is stored. DLP scans for sensitive data on the endpoint, whether local or remote and regardless of whether the user is on or off the network. Armed with this information, IT can then take steps to inventory, secure or even relocate this data.

Furthermore, by pinpointing systems on which the most sensitive data is found, DLP also makes it easier to prioritize which laptops and desktops need encryption.

Track Data Use
Once sensitive data is located, its use must also be monitored to ensure that it remains private. To that end, DLP tracks how confidential data is being used at the endpoint, whether or not that endpoint is attached to the network.

DLP monitors files that are downloaded to local drives, copied to USB or other removable media, or burned to CD/DVDs as well as data transferred over email, IM, FTP or HTTP. It also monitors for sensitive information that is copied, pasted, printed, or faxed electronically.

DLP takes the guesswork out of secure data handling. With it, organizations can be sure that customer lists are not copied to USB flash drives or other removable media, source code is not copied or pasted to a new file, design documents are not being burned to CDs or DVDs, price lists are not being printed out or faxed to competitors and much more.

Stop Data Loss
Without DLP, organizations committed to protecting information are often relegated to simply preventing employees from transferring or even accessing data via their mobile phones, laptops or home computers.

I like it!
Comments
2 comments Add a comment

DLP is only as good as the detection engine

All enterprises need to know the DLP solutions' False Positive and False Negative Rates! If it's not zero, look elsewhere.
by Anonymous (not verified) on 11/12/08 at 5:51 pm | reply

GTB Technologies DLP- virtual zero false positive rate

What is Symantec's data loss prevention (DLP)'s false positive rate?
by Anonymous (not verified) on 11/24/08 at 3:23 pm | reply
View all comments »
Free books

Build your tech library with our book giveaways.

Hacking Exposed, Sixth Edition
By Stuart McClure, Joel Scambray, George Kurtz; Published by McGraw-Hill/Osborne

The original Hacking Exposed authors rejoin forces on this tenth anniversary edition to offer completely up-to-date coverage of today's most devastating hacks and how to prevent them. Using their proven methodology, the authors reveal how to locate and patch system vulnerabilities. The book includes new coverage of ISO images, wireless and RFID attacks, Web 2.0 vulnerabilities, anonymous hacking tools, Ubuntu, Windows Server 2008, mobile devices, and more. Enter now!

Featured Sponsor
Case Study: AISO grows its "green" business

AISO founders envisioned a Web hosting company that was environmentally friendly. While the company employed energy-efficient innovations like solar panels, its infrastructure produced unacceptable power and cooling requirements. Find out how AISO leveraged AMD technology to overcome their challenge in this case study white paper.

Download this white paper »
Myth of the Million Dollar Database

In this whitepaper, Scalar explores the opportunity to change the landscape with respect to mission critical databases built around Oracle. Leveraging technologies such as Linux, high-end commodity processing power and Oracle RAC technology to architect, design, build and maintain database infrastructure that delivers maximum availability, reliability and performance at a fraction of traditional cost.

Download this white paper »
Success Story: Weather.com handles whatever nature serves up

On a typical day, weather.com, the Web site for The Weather Channel in Atlanta, serves up between 15 million and 20 million page views. But in September 2004, when back-to-back hurricanes ransacked Florida, the peak traffic on one day more than tripled: over 70 million page views by more than 7 million unique visitors. Read the full success story now.

Download this white paper »
Marketplace