/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsNEW DELHI, INDIA: Within the past few years, Data Loss Prevention (DLP) has become a hot buzzword, as vendors of various persuasions rush to address – or take credit for addressing – the massive issue of data breaches.
With five of the ten largest data breaches in history in the past year , data loss was clearly the biggest security issue in 2007. Because it involves the organizations critical information assets, data loss is not just an IT problem, it is a business issue and a top priority for corporate executives and boards.
In fact, it’s clear to see why corporate executives in boardrooms around the globe are asking “What can we do to prevent this from happening to us?
”The answer to that question lies in understanding the true nature and value of DLP as a solution—that involves not just technology, but also people and process—and why it’s such a critical component to protecting and controlling an organization’s most sensitive data.
Vishal Dhupar, Managing Director, Symantec India explains the concept of Data Loss Prevention(DLP) and means to mitigate the problemof data loss.
Vishal also charts the evolution of DLP market and and also gives preview to the future of DLP market.
CIOL: What is Data Loss Prevention?
Vishal Dhupar: Data Loss Prevention (DLP) is the combination of people, processes and technology focused on preventing confidential information or other sensitive data from leaving an organization.
Whether it is Personally Identifiable Information (PII) such as customer or employee records, proprietary corporate data such as financial statements or marketing plans, or intellectual property (IP) like product plans or source code, confidential data represents a valuable asset that must be carefully managed and protected.
CIOL: Why is data loss such a huge problem?
VD: Organizations everywhere now rely on high-speed networks and mobile computing to more easily share and access information. Unfortunately, this wide open world also presents new challenges for information security—how to prevent the loss of the most sensitive data. Breaches of personal data have reached epidemic proportions.
What’s more, the loss of intellectual property poses a real threat to every business. Security solutions, designed to protect the network or limit information access, simply do not address the fundamental questions of where sensitive information is stored, how it is used, and how best to prevent its loss.
CIOL: What is being done to address the problem?
VD: Highly-publicized data breaches have kept the issue of data loss prevention in the public eye, which has made DLP a top priority not only for IT security but for corporate executives and boards.
The vast majority of breaches are not caused by malicious attacks; they are the result of inadvertent actions by well-meaning employees and broken business processes.
Companies can’t ignore the fact that traditional security alone, which is focused on protecting the perimeter and keeping the bad guys out, cannot solve the problem of data loss.
That’s why companies are turning to DLP. Many of the world’s largest, most data-driven businesses now employ DLP solutions to significantly reduce the risk of data loss.
CIOL: How have DLP products evolved?
VD: DLP products were first deployed on the network, enabling organizations to establish data security policies, monitor email traffic and accurately detect policy violations. Protocol coverage then expanded to include
Web mail, FTP, secure Web mail and IM, and the ability to proactively block transmissions that violate policy was added to DLP solutions. Next came the ability to discover and protect exposed confidential data on file servers, desktops, laptops and various data repositories using the same polices as were used on network traffic.
Today, DLP capabilities extend to the endpoint to prevent confidential data from being copied to removable devices or downloaded from servers in violation of policy.
CIOL: How has the DLP market evolved?
VD: Early adopters of DLP solutions were in heavily regulated industries that dealt with large volumes of highly confidential customer data, primarily financial services and insurance.
Today, most major U.S. banks and insurance companies have deployed DLP, but the market in other industries is growing rapidly.
Healthcare organizations need to protect patient data; manufacturing and technology companies must protect trade secrets to maintain competitive advantage; and government agencies must safeguard citizen data, as well as matters of national security and defense intelligence.
In fact, we are seeing demand from organizations in virtually every industry.
CIOL: What are the market drivers for DLP?
VD: The biggest driver is the risk to reputation. Nobody wants to see their company’s name in the paper because of a data breach. Then there is the financial risk. A typical consumer data breach costs nearly $200 per customer record in remediation processes and lost business.
On average, these costs run to more than $6 million per incident, but of course it can be a lot more than that, depending on the size of the breach.
Compliance is another big driver for DLP. Several U.S. and global data privacy regulations, such as Gramm-Leach-Bliley, HIPAA, the Payment Card Industry (PCI) Data Security Standard, and the EU Data Directive, as well as more than 35 state privacy laws, require organizations to safeguard confidential customer and internal data.
For technology and manufacturing companies, DLP is all about maintaining competitive advantage by protecting IP assets.
These companies look for a DLP solution to protect them from malicious employee behavior, pirating, or accidental leaks that can expose future product plans, proprietary formulas or specifications, financial models, process documentation, and source code.
CIOL: How does encryption relate to DLP?
VD: Encryption and DLP are complementary technologies that should be applied based on policy to help protect sensitive data as part of an information risk management strategy.
Many of our customers today take advantage of integrations that enable confidential data detected on the network or discovered on servers or desktops to be encrypted automatically. DLP should also be used to identify risk areas, whether on endpoint, network, or storage systems, in order to help prioritize encryption deployments.
CIOL: Will DLP be integrated into other security solutions?
VD: DLP is already integrated with a variety of security solutions, including email gateway, web proxy and encryption solutions, but not as a feature of existing products.
The monitoring and discovery capabilities of DLP rely on existing infrastructure and are managed and reported back to a central DLP policy platform that helps organizations understand holistically where their information is, how it’s being used and how they are enforcing the policies to prevent its loss. There are some natural areas for potential future integration, including endpoint protection, back-up storage and email archive technologies.
CIOL: Will the market for standalone DLP continue to grow?
VD: Absolutely. DLP will continue to grow as a standalone solution because it addresses a pressing problem with severe potential consequences faced by nearly every organization today. By standalone DLP, we mean unified DLP solutions that enable organizations to define their data security policies once and enforce them everywhere, across endpoint, network and storage systems. That is what customers are asking for today, and that is the vision that will ultimately be realized in every industry.
CIOL: Who should be involved in preventing data loss?
VD: Unlike perimeter security, which is essentially an IT security problem, data loss prevention is about an organization’s most valuable information assets, which makes it a business problem first and an IT problem second.
That’s why DLP implementations require a wide range of roles and responsibilities, including business unit managers, compliance, HR and legal, not just IT security. Unlike anti-virus solutions, incident response and remediation represents nearly 80 percent of the work of DLP.
For instance, when an employee is found copying files to an iPod, who needs to know about it? How do you follow up and educate the employee? And, if the violation occurs several times, how do you escalate the problem? These are business questions that need to be understood and resolved by business people.
CIOL: What progress on the legislative front do you anticipate in 2008?
VD: Data breach notification legislation has more momentum in 2008 than ever before and, along with patent reform, is one of the key IT policy areas that Symantec is hopeful will get passed into law this year. On Capitol Hill, there is bipartisan support for national consumer data protection bills in both the House and Senate.
At the state level, it’s the best environment ever – 40 states already have their own data breach notification laws and we anticipate more will follow suit this year. We also expect progress on the international front in 2008. The UK has been besieged by highly publicized data loss incidents that have sparked debate around updates to its Data Protection Act that could increase penalties and allow for “spot checks” to government agencies.
CIOL: Where does DLP go from here?
VD: The DLP market is still young, but the fact of the matter is that DLP really is inevitable. We’re at the beginning of a huge shift in how organizations manage risk and use their data.
DLP has moved past the hype with real deployments in organizations with hundreds of thousands of employees, automating the process of data protection and demonstrating significant risk reduction. As more organizations understand the value proposition, adoption of DLP solutions will increase exponentially just as we have seen with other security categories. It comes down to protecting the information and