IT Security Purchasing Intentions 2013 - Europe

Rolling out Data Leakage Prevention (DLP)

4 of 11
Warwick photstory Security4.jpg

ISSA-UK a professional association for IT security professionals, advises organisations to start a Data Leakage Prevention [DLP]  project with a pilot in a small, self-contained, business area or function and to begin by detecting leaks only, rather than attempting to block them.

“Don't block anything until you know what you are dealing with and tune your policies based on that learning. Look for false negatives as well as false positives by creating lots of test scenarios, otherwise leakage of real sensitive data could occur,” said Adrian Wright, vice president of research for the group.

According to Nigel Stanley, CEO at security consultancy Incoming Thought, DLP has been sold as the answer to all a corporate’s problems when it came to data loss. But very quickly clients he worked with found it unwieldy and ineffective.

“Back in 2009 I suggested that DLP should be coupled with data encryption (DE) so that any gaps in a DLP solution should only see encrypted data going missing.

“Nowadays I see DE being the primary mechanism to prevent data loss instead of a DLP. But DE is problematic as while encrypting data is trivial, the key management can become a burden very quickly.  In clients I work with, I see DE in 95% and DLP in around 5%,” he said.

Download our complete security survey results here.

4 of 11

More from this story

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy