BANGALORE, INDIA: The rapid rise in security breaches and data loss incidents is driving companies to implement data loss prevention (DLP) solutions as part of their endpoint security systems to prevent sensitive information from making its way out of the network.

Companies must prevent data from being accidentally or intentionally delivered into the wrong hands, without making that data inaccessible to mobile workers, partners and the supply chain.

DLP software is, consequently, as important as antivirus, host intrusion prevention, firewalls, and other security technologies and must be incorporated into an overall enterprise security system.

As organisations increasingly look to incorporate this technology, it is critical to understand what makes some DLP solutions more effective than others. The most comprehensive DLP tools enable businesses to discover data, monitor, protect and manage it.

Locate Sensitive Data
The proliferation of mobile computing devices and the use of portable media, such as USB flash drives, signal the increasing mobility of today's workforce. In such a scenario, knowing which desktops, laptops or other devices contain the most sensitive data is, in itself, a daunting task. Worse still, it is impossible to track how sensitive information is accessed and manipulated without knowing where that data is stored across the thousands of endpoints that connect to the network. Indeed, unless such information is first found, it cannot be secured.

DLP addresses this issue by providing visibility into where confidential data is stored. DLP scans endpoints – whether remote or local – for sensitive data, regardless of whether users are on or off the network. Once IT is armed with this information, it can inventory, secure or relocate this data.

By pinpointing the systems on which the most sensitive data is located, DLP also makes it easy to decide which laptops and desktops need encryption. 

Track Data Use
Once confidential data is located, its use must be monitored to ensure it remains private. DLP can track how sensitive information is being used at the endpoint, whether or not that endpoint is attached to the network.

DLP monitors files that have been downloaded to local drives, copied to USB or other removable media or burned to CD/DVDs, as well as data transferred over email, IM, FTP or HTTP. It also monitors sensitive information that is copied, pasted, printed, or faxed electronically.

DLP takes the guesswork out of data handling. Organizations with DLP solutions can rest assured that customer lists are not copied to removable media, source code is not copied on to a new file, design documents are not burned to CDs or DVDs, price lists are not printed out or faxed to competitors and more.