1. Home
  2. Deploy DLP, Retain Customers

Deploy DLP, Retain Customers

The basic business benefits of deploying DLP would be retaining customers by safeguarding data, which could have been potentially poached by competitors.

Most CISOs across India pay more attention towards securing their organisation from external threats, however, over the years, reports have continued to reveal that the first-point of breach or data leakage in most security incidences have occurred from within the organisation. CISOs are obviously aware of insider threats, however, when it comes to dealing with them, they are yet to arm themselves with real-time tools to effectively monitor, manage and protect orgnaisational data from the employees.
 
So, does it mean that organisations have nothing in place to safe-guard data from their employees? Not really. Data Loss/Leakage Prevention (DLP) is already a part of every enterprise security strategy in the form of deployed firewalls, encryption solutions, etc. From the policy perspective, organisations already have established processes on data leakage like how to request access to a corporate system etc. However, the problem is in real-time enforcement of these technologies and policies. This is where a DLP solution comes into play.  

In an exclusive interaction, Tarun Kaura, Director, Technology Sales, India, Symantec, shares why DLP is becoming crucial and how CISOs should plan around DLP. Excerpts:..

Despite knowing that employees can leak sensitive information, most companies are not eager to deploy DLP solutions. Why do you think DLP is crucial?

With mobility, enterprises must realise that employees are no longer carrying corporate-owned devices. However, the information that is being stored in these devices are exclusive to the organisation. Any kind of loss or leakage of this confidential data might mean loss of business. DLP solutions can mainly help organisations in identifying insecure business processes along with monitoring and preventing accidental data or intentional data disclosure by employees.

What are the prerequisites of deploying a DLP solution?

Classification of data is one of the most important things to do even before considering a DLP solution. Orgasniations need to categorise data according to the level of sensitivity and confidentiality. The next step is identifying the data exit points where leakage might take place. Primarily, data resides in three stages. First of all, data in-use, for example, data in any end-points like mobile, disks, USB, print, network shares, etc. Secondly, data in-motion, via network traffic like e-mail, webmail, FTP, etc., and lastly, stored data in file servers, databases etc. Identifying the weak links in the data chain is very important before deploying a DLP solution.

What are the key things that CISOs should consider while measuring the RoI of deploying a DLP solution?

The basic business benefits would be retaining customers by safeguarding data containing their details, which could have been potentially poached by competitors. While going through the process of deploying a DLP strategy, any organisation would have ideally identified critical business processes, which had access to this sensitive data – and whether the process required data to leave the organisation and fix broken business processes.

After deployment, organisations can gain access to incidents that were identified where critical information was being sent out (accidental / unintentional) of the organisation unprotected, and work out processes with data owners to secure or eliminate them.

Nike


Add new comment