Challenges around data protection and the insider threat have changed significantly over the past few years.  The build out of digital business to include outsourcing projects, new business partners and offshore centers coupled with stricter compliancy laws, new types of technology, and constant personal changes, makes protecting your sensitive data a very difficult task.  Now when you combine that with increasingly sophisticated hackers, identity thieves and disgruntled employees, this puts more sensitive data at greater risk than ever before.

Today, companies are struggling to identify and protect sensitive information within their organizations. Securing information such as personally identifiable or personal health information of employees and customers, intellectual property and trade secrets, marketing plans and legal documents, is a top priority for them.

The need to protect key information assets in a wide open online environment has given rise to the increasing demand for data loss prevention (DLP) solutions.

What is Data Loss Prevention?

DLP addresses three fundamental questions:

1. Where is my confidential information being held? - This includes the data's lifecycle or journey and where the data is being stored (third parties, off-shoring, outsourcing).
2. How is the data being used? - This should include why, when, what and who accessed it.
3. How can we best prevent data from being lost? - What are the risks and thus what possible mitigating actions could be deployed to avoid loss, theft or compromise? At the heart of Data Loss Prevention is understanding what the value of the data is to the organization, how everyone is responsivle for ensuring its 'health and safety' - in essence, this can only be achieved through a comprehensive understanding of the risk (risk analysis) facing your data, and educting the people who handle or access it, i.e. mandatory training for all people who come into contact with it. This may appear like a basic concept, but it is one that is often neglected - as with treating any symptoms, compromised, manipulated or stolen is a critical part of the process of understanding DLP and winning the 'hearts and mind's of every employee, and anyone who comes in contact with the data.