Why Data Leakage Protection is Necessary for Endpoint Security
Originally published in Computing Security Magazine, may 2019
By Steve Watts, CEO, SecurEnvoy Ltd
As digital transformation takes hold in more and more companies, information that once had physical characteristics is now digital and available beyond the confines of a building. With physical property, the boundaries of this problem are obvious.
Keeping track of a laptop or a mobile phone is an issue that companies have faced for many years.Keeping track of digital data is much more difficult. As it travels through a network it is duplicated, manipulated and pieces are extracted and placed in locations you would not expect. To attempt to build – by hand – an asset registry to keep track of this constantly dynamic and fluid world would be a Sisyphean task doomed to failure.
Occasionally, the nature of data may change and suddenly be subject to regulation or require elevated protection as a trade secret. These issues significantly raise the level of difficulty in data security. Regardless of the data type, monitoring, locating and managing information is no longer possible today without sophisticated data loss prevention (DLP) solutions.
The primary goal of most DLP solutions is to ensure that sensitive information is not leaked, improperly accessed, or mishandled. Such solutions identify and locate sensitive data, monitor channels (or vectors) for leakage and actively prevent data from being sent or shared inappropriately. The identification and location of data can be automated for sensitive data like product designs, business plans, personnel records, health information, payment accounts and customer information. Channels like email, social media, storage devices and even online cloud services can be monitored to ensure data compliance. If data is found non-compliant or at risk, many solutions will prevent data from leaving, quarantine the information and alert necessary parties.
These solutions have been around for a few years and are now experiencing growth and adoption. Due to digital transformation and the shift to cloud solutions, many organisations are looking for new ways to manage the data expansion across their business. Additionally, regulatory and legal requirements for data protection have emerged, placing organisations at risk of encountering charges and fines for mismanagement. The risks and fines imposed have only heightened the need for additional security layers.
However, not all solutions are created equal. The primary issues with most DLP solutions on the market today are the degree of administration and set-up required and the inability to locate or identify sensitive data assets. Our SecurIdentity™ Platform DLP module automates the set-up and deployment process by utilising preset specifications with sophisticated algorithms to better identify sensitive data.Additionally, the SecurIdentity™ Platform DLP module monitors, tracks and, if necessary, for compliance or policy enforcement, quarantines sensitive data. When an issue is detected users can be given the option to remediate or delete the data themselves. User remediation options significantly reduce strain and resources for administration and DLP management. Of course, user activities are defined by the DLP administrator and can be removed, if necessary.
With the number of security threats, both inside and outside organisations, continuing to grow each year, the need for additional endpoint security layers has never been greater. The SecurIdentity™ Platform DLP module is the next logical step towards sophisticated layered endpoint security management.