Data leaks occur frequently, is DLP a panacea to solve the problem of data leakage?

# DLP 2

In recent years, data leaks occur frequently. According to the 2021 data breach cost report released by IBM, the average total cost of data disclosure will increase by 10% from 2020 to 2021, with an average cost of $401 million for very large-scale data leaks resulting in 50 million to 65 million record leaks.

The 2021 data breach investigation report released by Verizon pointed out that 85% of the data breaches in 2021 were caused by human factors. The main causes of data leaks in 2021 are Web application attacks, phishing and blackmail software.

Facts have proved that the combination of technology and management is the key to fundamentally solve the problem of data leakage.

Data leakage prevention (DLP) system plays a very effective role in solving the problem of data leakage by technical means. Especially after the introduction of automation and machine learning technology, and the server load has been significantly reduced, DLP products have won a place in the data security market.

The evolution of DLP

DLP is a mature data security product with a history of about 20 years. When banks and large companies began to consider enhancing data protection capabilities for sensitive customer data, data leak prevention solutions emerged-- this is the enterprise side of the need for DLP to guard against external attacks. Security review from relevant departments and ensuring compliance is another requirement.

At the same time, in the aspect of strengthening the internal protection of the enterprise, DLP ensures the security of the internal data assets by monitoring the internal network communication, detecting and blocking the suspicious activities of the internal network. Therefore, the demand of enterprises for DLP has increased sharply in recent years.

The DLP system is mainly used to solve the following data security issues:

Objective understanding of DLP

It is important to understand the DLP protection mechanism because it lets users know where DLP can work. Users need to know that DLP is not omnipotent in protecting data security, because security is a complex process. DLP plays a unique role in protecting data communications, monitoring user operations, and monitoring file storage. But DLP will not help with threats that are beyond the control of DLP.

By combining DLP with the following factors, enterprises can build an overall data leak prevention strategy.

Although the DLP system provides excellent data leakage prevention capability, it is not enough to prevent all data leakage events, and it also requires changes in data-related processes and procedures within the enterprise.

DLP deployment mode

Typically, DLP is deployed as follows:

It doesn't matter whether the user's IT infrastructure is hosted in the cloud or locally. Either way, the protection of data will be concentrated at the core of the network. When the DLP system identifies insecure files in the cloud environment, it blocks such access and notifies security personnel to avoid business process disruption.

It is important to use the DLP sensitivity tag as a support tool. It can set personalized policies by category (content, groups, and so on), and then mark which files need to be protected in the interface. But this approach to tagging has a drawback: they usually cannot be taken over automatically, and policy invalidation may occur if the file is moved.

New features of DLP

In response to new threats, many innovative features and functions have emerged in today's DLP system, such as:

Some experts believe that future DLP solutions will gradually absorb many CASB functions; DLP vendors will increasingly use machine learning technology to improve processing speed and reduce manual operations; and it has become an important trend in the development of DLP systems to predict and prevent data leakage by strengthening user behavior analysis (UBA) modules.

With the development of containers, the monitoring of orchestration and managed environment repositories has become an important scenario. In terms of multilingual support, the DLP system will also be enhanced in the interface and program code.

How to choose a DLP system?

Users must know what problems they want to solve with DLP. DLP suppliers also have an obligation to point out some directions for users, which is a matter of communication and cooperation between the two parties.

The following listing can help users choose the appropriate DLP solution:

Development trend of DLP

Digitization produces a lot of valuable data, but it also brings higher risks. No matter where the data is stored or transferred, it needs to be protected. At present, the main challenge facing DLP system is the automation and deep integration with business processes.

At present, DLP and CASB are independent solutions, but the integration of the two may be a trend in the future. On the other hand, CASB is gradually possessing some of the functions of DLP. The convergence of cloud and on-premises solutions will also be a trend. Security experts believe that the next step in the development of DLP may be transformed into a system to defend against a wider range of threats.

Conclusion

Today, the DLP system has developed into a powerful security tool that can address many risks associated with data leakage. But at the same time, it is important to understand that DLP is an element of a larger overall security system, not a universal solution. Data leakage prevention is a complex work, which not only needs the support of technical tools, but also includes the establishment of a sound data management system within the enterprise and good cooperation between different departments.

At present, the important direction of DLP product development is automation, deep integration with security processes and cloud services, CASB functional support and enhanced machine learning modules, in order to predict threats, enhance the operation of the overall product and reduce hardware load.

"Network Security and Informatization" magazine gives priority to practicality, providing security advice and methods, practical solution recommendations, and upgrading methods of unit IT infrastructure for technical personnel of IT departments in various industries. Welcome to subscribe!