Managed Data Loss Prevention (DLP)
We provide DLP monitoring and response using your DLP platform. We respond to alerts on DLP policies, manually investigate alerts, identify and remove false positives and escalate verified alerts to management following a defined escalation path. We create tickets in your ticketing system which correspond to DLP events and assign them to appropriate teams based on agreed roles and responsibilities. We communicate with business owners of affected data types and data stores to ensure expectations for monitoring and DLP rules are met.
We create quarterly summary reports including metrics on DLP effectiveness and showing trends and changes over time. We provide recommendations to improve DLP policies and time to address events (where they may involve multiple business stakeholders).
Emergency DLP Investigations Management
When you identify the need for emergency monitoring or investigations due to a business event, we can deploy additional resources within 24 hours to develop and begin executing a monitoring/investigations plan which may include deployment of new scope (endpoints or network locations), new DLP policies, search for data storage or theft/exfiltration, or other custom scenarios. In these situations, we can flexibly scale to 24x7 monitoring of DLP alerts related to emergency scenarios.
DLP Tool and Scope Management
We maintain the DLP platform including its health, availability, access controls and security administration. We plan, coordinate and implement upgrades when available from the manufacturer.