Data Loss Prevention

What is Data Loss Prevention?

Data Loss Prevention (DLP) is a concept that may include a range of solutions designed to identify and prevent instances of data loss within your organisation. These solutions can be configured to work on your corporate network, e-mail platforms or computer systems. Solutions may enforce intelligentData Loss Prevention (DLP) controls that block or considerably reduce your risk. Monitoring and inspection will review activity, traffic flows and data access attempts to identify behaviours, risks and activity that could be indicative of data loss. Logging and reporting can provide a high-level overview of your data assets, activities and the risks posed to your business.

What data does your organisation store and where does it reside?

What type of data do you store? This could include sensitive data: customer information, banking information, business price lists or corporate accounts. Most businesses use e-mail, but what about accounts, CRM, invoicing and helpdesk systems? Are these systems installed locally in your server room or does your business use cloud or SaaS applications? Is the data encrypted? do you backup your data? Before your can protect your data and identify data leaks, you need to understand your data network, what data your business has, what format and where it is stored.

What is the source of the information and who should have access to the data?

This is really trying to understand the data journey. Where is the data collected or inputted within your business? What systems is the data entered or imported into? Is the data encrypted at rest? A fundamental component of DLP is to understand who has access to your data and what controls are in place to limit, audit and grant access? It makes no sense to invest in a DLP solution to mitigate data leaks in progress, when you have invested no time in controlling who has access to the data in the first place.

Is your business the subject of any specific regulatory or compliance requirements?

Business drivers for DLP adoption often centre around regulatory and compliance requirements such as GDPR or PCI-DSS. In a more basic sense, you also need to consider corporate reputation, competitive advantage and customer confidence as key business drivers – jeopardising these elements could prove very costly, if not terminal for your business. When these factors taken alongside regulatory heavyweights such as GDPR are considered – you can see why DLP solutions exist.

How can I prevent Data Loss in my organisation?

Almost all companies rely on data for their businesses to function. Unfortunately, between hackers, viruses, insider threats and the accidental risk of data disclosure, data leakage (or data loss) is a real risk for any business. DLP solutions help safeguard your data assets, enable access to your information in a controlled manner whilst simultaneously protecting it.

If you would like to learn how MTG can help your business secure its data, limit its exposure, provide visibility and ensure compliance with forthcoming regulatory requirements such as GDPR – please contact us. Our experienced team will outline the options, costs and complexity of the different solutions – specific to the needs of your business and industry.

Regulatory Requirements

With regulatory requirements (FCA/FSC), PCI-DSS and EU data protection law, the need to safeguard both business and customer information is of paramount importance. Advanced persistent threats, malicious or disgruntled staff or accidental data loss all prevent a real threat to the modern enterprise.

Related Services

Internal Network Firewall
Managed Firewalls
Enterprise Networks
Antivirus and Endpoint Protection

More Information

DLP solutions address the risk of inadvertent or accidental leaks, or exposure of sensitive enterprise information to outside authorised channels, using monitoring, filtering, blocking and remediation (Gartner).

Solutions

Our solutions can identify data being taken outside of your organisation using your internet connection, removable devices or by e-mail. Many data loss events are accidental, with staff members uploading data to the cloud or file sharing services such as Dropbox. In other cases, the data leakage has malicious intent, with sales people exporting the CRM database or staff members removing confidential documents.

In all cases, MTG can recommend the most appropriate solution to prevent instances of data loss, facilitate compliance and provide insights into the movement of your company’s data. Our solutions include Network DLP Solutions, Endpoint Device Control, Auditing and Alerts, and Office 365. We have specific experience of GDPR, PCI-DSS and healthcare orientated engagements.

Network DLP Solutions
Our range of NGFW (Next Generation Firewalls) and INFW (Internal Network Firewalls) can provide full network visibility, application insight and data-loss prevention. Our solutions can detect data in transit (e.g. documents, text) and their L7 capabilities can inspect encrypted traffic such as HTTPS/SSL. This prevents data from leaving your organisation through your internet connection.
Auditing and Alerts
Our DLP solutions can alert your IT or management team when a data loss (or data leak) event is detected within your environment. This could include someone plugging in a USB drive, copying particular files to a USB drive or someone inserting removable media such as a DVD/CD. The events are stored in a reporting database that can be queried by the administrator to provide insight into activity within the ICT infrastructure.
Device Encryption
Device encryption should be employed to enable safe use of devices and prevent exposure through regulatory fines and breaches. Encryption scrambles your files using industry-standard encryption that means it remains private to your organisation and your users. Device encryption is built in to our endpoint solution and policies can be customised to mandate the use of encryption.
Endpoint Device Control
Removable devices such as USB keys, hard drives and bluetooth dongles can all be used to copy data from your organisation’s ICT systems. Furthermore, these same devices can be used to copy malware to your organisation’s IT systems, a particular area of concern with the advent of custom-malware and ATPs. Our endpoint solution can control, block and monitor device access in your desktop and server estate.
Multi-Vendor Approach
MTG work with a number of vendors to deliver best-in-class DLP solutions to our clients. Our partners have been selected to ensure the most appropriate solutions are employed to match the business needs, budget, regulatory requirements of our customers. The range of services includes network, perimeter, endpoint and device DLP solutions.
Office 365
Office 365 and Dynamics feature a rich set of tools that, when configured correctly, can be used to safeguard your organisation and help identify instances of data loss. In particular, the DLP solutions within Office 365 may actually enhance your capabilities, particularly in the light of GDPR and other regulatory triggers.
Lumension

More Information

Talk to our experts about safeguarding your business against data leaks or data loss …