What Is Data Loss Prevention?
Data leakage prevention (DLP), also known as "Data Loss prevention" (DLP), is sometimes called "Information leakage prevention" (ILP). Data leak prevention (DLP) is a strategy to prevent a company's designated data or information assets from flowing out of the company in a form that violates security policy regulations through certain technical means. The concept of DLP comes from abroad and is currently the most mainstream means of information security and data protection in the world.
DLP data leakage prevention system
- With the rapid development of information technology, computers and networks have become an indispensable tool and way for daily office, communication and collaboration. However, while the information system improves people's work efficiency, it also puts forward security requirements for information storage, access control, and computer terminal and server access control in the information system. The current solutions for internal and external security are still at
- Currently, there are three ways of data leakage: leaks in use, leaks in storage, and leaks in transmission. Generally, enterprises can prevent external intrusions by installing firewalls and anti-virus software, but in fact 97% of information leakage incidents originate from inside the enterprise. Therefore, based on the analysis of the above three leakage methods, the root of information leakage lies in:
- 1. Use leaks; 1) Technical data leakage or damage caused by operating errors; 2) Data leakage through operations such as printing, cutting, copying, pasting, saving as, renaming, etc.
- 2. Storage leaks: 1) Data in data centers, servers, and databases were downloaded and shared at will; 2) Resigned employees copied confidential information at will via U disk, CD / DVD, and mobile hard disk; 3) Theft and loss of mobile notebook Or repair caused by data leakage.
- 3. Transmission leak: 1) Easily transmit confidential information via email, QQ, MSN, etc .; 2) Pass
- The following is the schematic diagram of the DLP data leakage protection system
- Control internal files through authentication and encryption control and statistics using logs. At present, in the data leakage prevention market, there are only a few domestic product manufacturers with independent intellectual property rights. The DLP data leakage prevention system with reference to Hongan Information is mentioned above.
- Data leakage prevention technology (DLP) is becoming one of the most important security technologies on the market today. Companies favor data leakage prevention technology to protect proprietary data and meet regulatory needs, providing huge business opportunities for solution providers who want to reach the most sensitive parts of the security market. Data leakage prevention technology also presents numerous opportunities for security product sellers.
- Server encryption maintenance
- Maintenance of the server group is done by DNetSec. DNetSec consists of two parts, hardware and software. All kinds of hardware use high-performance collection server, and the software is document security gateway software. DNetSec automatically terminates decryption of all documents uploaded to the server, and automatically terminates encryption of all documents downloaded from the server.
- 2. Office collection and craft collection document maintenance
- Collected in office LAN and craft LAN
- 1. Testing on a static workstation image is very good, but most problems with data loss prevention occur to users of the first DLP data leakage prevention system. Identify some key users in your first department where you deploy a data loss prevention solution, train them as needed, and work closely with them during the testing phase. With the help of key users, you can avoid problems in the testing of non-technical business units and avoid situations where there is no user feedback in the deployment.
- 2. Make sure your directory server is up-to-date and accurate (this actually applies to any form of DLP data leakage prevention system). Most organizations design their data loss prevention policies to apply different policies based on user roles. Even if a computer group is mapped to a business unit or a specific user in that business unit, the policy may be broken during the next update. It is much better to manage by users and groups or roles than by computers, even if this means that you first need to spend some time adjusting your directory server. [1]
- 3. Establish a DLP data leakage protection system that adapts to your digital users. Switching a pattern matching strategy, such as regular expressions, will increase false positives, but will reduce the impact on computer performance. You can also set the policy to switch to monitoring / warning mode instead of blocking mode to further reduce the impact on users, although the security risk is higher.
- 4. Focus on terminal discovery and USB protection first. In a series of DLP data leakage prevention system tools, discovery (finding sensitive information on the local hard disk) and USB monitoring / blocking are the two most important functions. Helping track users' access to sensitive information outside of approved enterprise applications, and storing or sharing sensitive information locally are also important features of endpoint data loss prevention. Once terminal discovery is enabled, select incremental scanning (if your product provides this feature); no one wants their computer to stop abruptly due to antivirus scans every Wednesday and noon, and data loss prevention scans every Thursday.
- 5. Take your time and gradually roll out agents and strategies. After completing your initial testing of your DLP data leakage prevention system, roll out those strategies group by group to ensure that the product has good applicability so that it will not cause too much pressure on your incident response team. When users start using data loss prevention for the first time, almost every DLP data breach prevention system customer will report a large number of policy violations until the user self-trained to better manage the protected information. Relieved. . [1]