A quick Google search on “Data Loss Prevention Definition” returns the following definition from a couple of different sources:
“DEFINITION: Computer security term referring to systems designed to detect and prevent the unauthorized transmission of information from the computer systems of an organization to outsiders.”
I want to change the conversation. The definition above implies hardware or software, but isn’t preventing the loss of your data a concept that goes beyond hardware and software? Don’t get me wrong, I love DLP tools and I know every organization needs a DLP solution integrated into its suite of security controls, but we need to look at this from the standpoint of creating a program to protect against the loss of data.
A data loss protection program is an element of Risk Management. The process starts with a Risk Assessment, which defines the assets, assesses the risk, and develops a treatment plan. The Risk Assessment will identify all points of data leakage, electronic or otherwise. A DLP tool is used to discover data at rest and data in motion in order to identify the potential for electronic leakage, but the Risk Assessment will also identify the business processes that could result in other types of leakage.
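To make the "discover data at rest" step concrete, here is a small added example (not code from the original post or from any DLP product) of the kind of content scan a DLP tool performs. It walks a constructed set of in-memory files, looks for Social Security Number patterns, applies the structural rules the SSA publishes for numbers that are never issued (area 000, 666 or 900–999; group 00; serial 0000) to cut obvious false positives, and reports findings with the number masked so the scan report does not itself become a leakage point. The file paths and contents are made up for the example; the PO-number line is included deliberately to show that a structurally plausible match can still be a false positive that the Risk Assessment and tool tuning have to deal with.

```python
import re
from dataclasses import dataclass

# Constructed sample "data at rest": path -> file contents. These are not real
# files or real identifiers; every SSN-like value below is made up for the example.
SAMPLE_FILES = {
    "shared/hr/onboarding.txt": "Employee: J. Doe\nSSN: 219-09-9999\nStart: 2024-03-01\n",
    "shared/finance/invoice.txt": "Invoice 1001\nPO 123-45-6789 is not an SSN context\nTotal: 45.00\n",
    "shared/it/readme.txt": "Test ID 000-12-3456 and 666-12-3456 are invalid SSNs\nPhone 555-1212\n",
}

# AAA-GG-SSSS with word boundaries so dates and longer numbers are not split up.
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")


def is_plausible_ssn(area: str, group: str, serial: str) -> bool:
    """Structural rules from the SSA: area 000, 666 and 900-999 are never issued,
    and group 00 / serial 0000 are never issued. Anything else is plausible."""
    a = int(area)
    if a == 0 or a == 666 or a >= 900:
        return False
    if int(group) == 0 or int(serial) == 0:
        return False
    return True


def mask(serial: str) -> str:
    """Keep only the last four digits so the report can be shared safely."""
    return f"***-**-{serial}"


@dataclass
class Finding:
    path: str
    line_no: int
    masked: str


def scan_file(path: str, content: str) -> list:
    """Return one Finding per plausible SSN in the file, with line numbers."""
    findings = []
    for line_no, line in enumerate(content.splitlines(), start=1):
        for m in SSN_RE.finditer(line):
            area, group, serial = m.groups()
            if is_plausible_ssn(area, group, serial):
                findings.append(Finding(path, line_no, mask(serial)))
    return findings


def scan_data_at_rest(files: dict) -> list:
    """Discovery pass over every file in the (constructed) repository."""
    findings = []
    for path, content in files.items():
        findings.extend(scan_file(path, content))
    return findings


def summarize(findings: list) -> dict:
    """Count findings per file; this is what feeds the asset list in a Risk Assessment."""
    by_path = {}
    for f in findings:
        by_path[f.path] = by_path.get(f.path, 0) + 1
    return by_path


if __name__ == "__main__":
    for f in scan_data_at_rest(SAMPLE_FILES):
        print(f"{f.path}:{f.line_no} possible SSN {f.masked}")
```

Running it reports the HR file and the finance invoice, and nothing for the readme whose values fail the structural rules. The invoice hit is the important lesson: pattern matching alone cannot tell a PO number from an SSN, which is why a real discovery scan is paired with context rules (nearby keywords, file location, data owner) and why the Risk Assessment, not the tool, decides which stores actually hold protected data.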
Here is my favorite example of data leakage; I love the picture of the documents all over the highway.
“Confidential medical records were scattered all over a busy intersection. Some of the documents even list social security numbers.”
To answer the question, “What Is Data Loss Prevention?”:
Data Loss Prevention is an element of a Risk Management approach that uses tools and best practices to prevent unauthorized (inadvertent or intentional) release of confidential, restricted, private, or protected information.
More to come: next I’ll talk about the key elements of a data loss prevention program and how to implement and use the tools most effectively.