Security Risk Advisors

DLP Implementation and Tuning

Consistently protecting sensitive data is hard to do without knowing where that data is located and when it is moved to somewhere that might be insecure. Leading enterprises are taking a data-centric view of security by focusing efforts on specific sensitive data types and by using Data Loss Prevention (DLP) technologies to gain visibility and control.

We have a proven, comprehensive DLP deployment approach and customizable accelerator tools to assist clients through the process of:

  • Developing the business case and engaging business stakeholders
  • Selecting a product based on a competitive lab-based evaluation
  • Installing the software and configuring detection policies
  • Establishing the operational processes to remediate events
  • Growing your DLP capability to meet new and highly-customized business needs for data protection

Effective DLP deployments typically involve more business interaction than any other IT Security process. Sensitive data detection policies and event response are both highly dependent on business requirements and definitions of what needs protecting.  It is critical to define the authorized and unauthorized use of data. This is particularly important when considering custom data such as intellectual property or sales data, or when managing international privacy and security requirements.

Establishing an overall data protection program that combines preventative controls and detective controls is a multi-phase project. Our experience assisting clients from strategy through technical configuration and business process integration has given us insight into the critical success factors that make DLP deployments deliver tangible business value.