Data loss prevention (DLP) is a set of software tools, processes and data security practices that help prevent unauthorized access, misuse or loss of sensitive or critical data. It is also referred to as extrusion prevention or information loss prevention.
Corporations often include DLP in their overall data security strategy. It helps them identify attempts by malicious actors to gain unauthorized access to their systems. A typical data breach costs $4.25 million, and considering the increased risk of cyberattacks, DLP is becoming increasingly popular with companies looking for methods to safeguard their digital data.
Types of data loss prevention
DLP is classified into three categories: network DLP, endpoint DLP and cloud DLP. While all three types have the same overall objective of preventing data loss, there are some key differences in the techniques used to achieve this objective.
Network DLP is used to monitor and protect data on the company’s servers. This includes data that is at rest and in motion. Network DLP analyzes data traffic on the cloud and on traditional network systems to identify any violation of a company’s security policies. This type of DLP monitors file uploads and transfers, emails and messaging on the company network. If any user tries to gain authorized access to sensitive information on the company servers, network DLP will initiate predefined steps to prevent the user from accessing the data.
With network DLP, admins can also view who accessed the sensitive data, when it was accessed and whether the data was moved to another location. This increased visibility helps mitigate the risks of data loss on the network.
Endpoint DLP is designed to protect data that is in transit or in motion. It is specifically designed to monitor the endpoints of the network, such as the cloud repositories, computers, cell phones and other devices that are connected to the network. With endpoint DLP, admins can track data stored on endpoints on and off the company network.
While endpoint DLP offers more comprehensive security compared to network DLP, it does require more management. For example, DLP tools must be installed on all devices that need to be protected. The admins also need to ensure the DLP tools are maintained through regular updates.
As the name suggests, cloud DLP offers protection for data in the cloud. It scans and audits data and automatically flags any anomalies that require attention. In addition, cloud DLP maintains a list of authorized cloud devices, applications and users that have been provided with permission to access data.
Cloud DLP also maintains a log to record when data was accessed and who accessed it. Rather than building a perimeter around the network, cloud DLP interfaces with cloud applications to encrypt data.