Known by many names, Data Leakage Prevention (DLP), Extrusion Prevention Systems, (EPS), Information Leakage Prevention (ILP), Reverse Firewall…, the concept is impressive. We all spend money to protect our network perimeters, we monitor internal network traffic for suspected intrusive code, and we write policies until we are blue in the face. So what are we really trying to protect? The data! So wouldn’t it follow that we should have a solution that does just that? I know, you say that you do, but really, do you?
We pay people to access data in the course of their jobs. We occasionally have intruders make it through our defenses and reach the data. Regardless of who gets to it, isn’t the point to keep sensitive data where it is suppose to be? What if a solution can control what is done with the data (data handling)? Let’s say that a well-intentioned employee emails the wrong file to an outside entity. How about the disgruntled employee that sends who-knows-what to a competitor or customer? Let’s not forget about all that malicious code that somehow keeps making it onto internal computers. Yes, code can extract data too. I’m sure you get the point.
So what is needed is a solution that can stop data that is moved (attempted) in a way that is contrary to company policy; DLP. Shouldn’t it work whether the transport mechanism is email, FTP, IM, or anything else? DLP. What if someone changes a port to hide their actions? DLP. How about data in transit and data at rest? DLP, DLP, DLP!!
Now that I got you excited, let’s talk reality. Not all DLP solutions are the same. Control Point has done the research and proof of concept testing in order to simplify things for our clients. We offer two best-of-breed DLP solutions from different manufacturers. This is done to meet the varying needs of diverse clients and scale to meet their functional and budget constrictions. Advanced configurations of these devices can become very complex and evolve over time, which is why we offer assistance in this area.
Now you can enforce what your policies say your employees should be doing. If breached, you can prevent personal, financial, and proprietary data from being extracted from your systems.
|
