Questions tagged [dlp]

Data Loss Prevention (DLP) is a computer security term referring to systems that identify, monitor, and protect data in use, in motion and at rest

From Wikipedia: http://en.wikipedia.org/wiki/Data_loss_prevention_software

Data Loss Prevention (DLP) is a computer security term referring to systems that identify, monitor, and protect data in use (e.g., endpoint actions), data in motion (e.g., network actions), and data at rest (e.g., data storage) through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination, etc.), and with a centralized management framework.

40 questions
12
votes
3 answers

Prevent acccess to the C drive on Windows systems

Is it possible to prevent regular users from accessing the C drive via Windows Explorer? they should be allowed to execute certain programs. This is to ensure that employees cannot steal or copy out proprietary software even though they should be…
10
votes
3 answers

What factors do you use to choose data loss prevention techniques to use, if any?

Had an excellent discussion this evening with ISACA Scotland around data loss prevention. There are technical tools out there from such luminaries as Checkpoint, MacAfee, Cisco, Symantec etc, but all have cost implications, scale limitations and…
Rory Alsop
  • 61,367
  • 12
  • 115
  • 320
8
votes
6 answers

How can I secure a network share from the insider threat?

We have a network share that contains thousands of files. I am concerned that anyone with access to the internet could copy that information to a CD. In addition to disabling all removable media, what else could I do to prevent someone from…
SLY
  • 387
  • 2
  • 8
5
votes
5 answers

DLP to protect Source code for Startups

My client is a small startup who wants to protect their Source code, have basic network security, USB disable etc. are in place. Wondering what are DLP options suitable for a small startup, mainly to protect intentional or accidental Source Code…
5
votes
2 answers

How can I prevent private data from being disclosed outside of my organization?

I'm not looking to secure my internal network. Our company keeps sensitive customer information. How can I prevent this information from spreading outside of the company? How do big companies prevent to leakage of their information? I seek a…
AminM
  • 175
  • 1
  • 8
4
votes
2 answers

Does there exist software that will scan a filesystem for possible files containing PHI?

I don't need a list of software (I know shopping questions are off topic), but my google-fu is failing me at this. Basically looking for software that will scan a filesystem looking for files that may contain Protected Health Information. Target OS…
MDMoore313
  • 978
  • 9
  • 14
3
votes
2 answers

Blocking executables at the firewall in the enterprise

The infrastructure team in our medium enterprise has requested blocking of all executables at the firewall. We have a firewall which is capable of DLP, so therefore this can be set up fairly easily. I'm not sure if this is a good idea or not. My…
Mark
  • 33
  • 2
3
votes
6 answers

How do I prevent data from leaving my network?

I have a network of about 10 computers and I want to prevent sensitive data and source code leaks. To achieve that, I would like to block all file uploading / attaching. What are the options available to me? Are there hardware firewalls that allow…
Joyce Babu
  • 133
  • 1
  • 5
3
votes
1 answer

Why would a goal of DLP solution implementation include "loss of mitigation"?

I'm studying for the CCSP exam and a practice question read: The goals of DLP solution implementation include all of the following, except: A. Policy enforcement B. Elasticity C. Data discovery D. Loss of mitigation I chose D because I…
Mike B
  • 3,336
  • 4
  • 29
  • 39
2
votes
3 answers

Is my Data Loss Prevention approach missing something obvious?

I think I'm too close to the problem here and I just looking for a sanity check. My product blocks files from being stolen by restricting what programs can access what 'type' of the data. (e.g. Excel can read xls(x), Word can read doc(x), etc.). …
Iunknown
  • 133
  • 4
2
votes
3 answers

Where do organizations store their sensitive documents? How do they protect them?

Where do organizations store their sensitive documents? How do they protect them? What are the pros and cons for each method? (If there are multiple common ones) EDIT: I am more referring to applications that organizations use to save their…
Roy Reznik
  • 123
  • 3
2
votes
1 answer

How to detect file uploads from our network?

I'm looking to monitor file uploads to the internet (mainly through web browsers) from our network. Specifically our application source files. What is the best way to do this? I'm aware some DLP solutions exist out there today, but is there a better…
mumbles
  • 380
  • 1
  • 2
  • 12
2
votes
2 answers

Block mobile tethering on android phones from Windows (DLP)

In our small organisation I have tried my best at implementing DLP by: Making sure users access all files from the server Local disks are denied access (forced to work only on network drives) Disabling mass storage Implementing IPSec to block users…
AlphaGoku
  • 121
  • 1
  • 6
1
vote
0 answers

DLP for Phone calls

I would like to know if there is a DLP system that can monitor phone conversation, in order to search for sensitive data leakage by the company users to external users. We know NSA does that :) Is there a software/appliance that can handle such for…
1
vote
1 answer

What security risks are associated with DLP Systems?

Some high level risks with DLP that I can identify (with the monitoring componant): 1- Abuse of authority: people with access to the system can look into other users private data. 2- Loss of service availability: Specially within large…
AdnanG
  • 707
  • 2
  • 8
  • 18
1
2 3