Why Do They Call It DLP?
Every time I hear the acronym “DLP,” I have to ask myself: why do they call it that? There is no “prevention” in most DLP. It should be called DLT: Data Loss Tracking.
Think about it for a moment. Aside from enabling you to see who stole your data, most solutions don’t do anything at all to actually “prevent” it from being taken. And, unless you are watching it like a hawk and physically stopping people from walking out the door with it, have you actually prevented anything?
Therefore, when I talk with customers about DLP, I always make sure to distinguish between solutions that are really DLT vs. true DLP. It makes for some lively and interesting conversations.
Further, true DLP is becoming increasingly important. This is especially true with the advent of the cloud, the increasing use of mobile and the perpetual compromise of corporate computing environments and remote endpoints.
After all, if we want to protect our data, why not actually protect our data?! For the longest time, people have been trying to protect their data by building walls around their organizations. But, the walls don’t stop the data. It is transient.
Worse yet, the walls don’t stop the attackers. They easily compromise internal or remote endpoints through social engineering, spear phishing or other trivial attacks.
So what exactly do the walls do? That is a silly question… They are part of a holistic security strategy that needs the other pieces to be complete.
If the goal is to protect the data, I recommend starting by doing just that. All sensitive data should be encrypted and secured unless accessed by authorized personnel. And, all access to protected data should be tracked. Further, all attempts to copy protected data should result in the new file being protected with the same level of security as the original file.
Some DLP solution providers have gone with a model like this, and I hope to see other providers follow suit. It is far easier and more cohesive to have the encryption built into the DLP solution than to bolt on a separate encryption solution. But, irrespective of whether you use an integrated or bolt-on encryption solution, it is much better than not having the protection at all.
Once your data is secure, it is kind of liberating. It frees you up to use the cloud without worrying about it being compromised. Lost laptops aren’t as big of a deal. And malware harvesting encrypted data becomes kind of humorous.