Control 15: Data Loss Prevention

Data Loss Prevention (DLP) is a new trend in Information Security, but really should not be. DLP may have been a missed opportunity when Network Intrusion Detection (NIDS) was first introduced. Is it all of a sudden that data exfiltration has become important? How was this missed as a priority for so long?

Define what is critical data and write regular expression filters on the NIDS that look for this data passed in unencrypted format. Educate users in security awareness training about importance of remaining diligent when handling sensitive information. Critical data should be defined in formal policy and discussed in new employee security awareness training classes. Snort signatures such as Credit Card Data, Sensitive data credit card numbers 138:2 can be used to specifically look form information that should always be sent securely.

Consider what a data loss prevention incident would look like on your network and design your defenses and alerting to these scenarios. SourceFire Compliance Rules can be configured to alert when the files that are large in size, flows that are long in duration and flows that are new and previously undefined. Once these basic alerts are in place, develop additional data loss scenarios based on recent high profile data loss events and design appropriate controls to detect them. This is a low cost way to get wisdom as cheaply as you can.

4 thoughts on “Control 15: Data Loss Prevention

  1. Hi all,

    Data loss prevention is a data leakage protection solution that helps organizations assess risk and prevent data loss over the highest points of risk. It safeguards proprietary information against security threats due to enhanced employee mobility. DLP is deeply integrated with many enterprise platforms to maximize utilization of your current infrastructure for DLP projects. Thank you…

    Add PDF Watermark

  2. Nice blog, thanks for your valuable information. Data Loss Prevention (DLP) – Only by building context around your most sensitive data will you gain a better understanding of how to protect, prioritize, lock down and monitor your data to avoid damaging data breaches.

Leave a Reply

Your email address will not be published. Required fields are marked *